urlscan.io logo urlscan.io
SecurityTrails logo

www.marchofdimes.org Open in urlscan Pro
2606:4700:10::ac43:a5a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadO...
Effective URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_...
Submission: On January 02 via manual from MX — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 9 countries across 87 domains to perform 479 HTTP transactions. The main IP is 2606:4700:10::ac43:a5a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.marchofdimes.org. The Cisco Umbrella rank of the primary domain is 689120.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2023. Valid for: a year.
This is the only time www.marchofdimes.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.17.73.206 13335 (CLOUDFLAR...)
17 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
18 104.26.4.251 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 108.157.1.118 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 151.101.129.44 54113 (FASTLY)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
12 2620:1ec:c11:... 8068 (MICROSOFT...)
3 8 216.58.206.38 15169 (GOOGLE)
8 2620:116:800d... 16509 (AMAZON-02)
2 23.213.165.149 16625 (AKAMAI-AS)
6 2a03:2880:f08... 32934 (FACEBOOK)
1 104.18.12.242 13335 (CLOUDFLAR...)
2 5 142.250.181.230 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
6 2.23.209.49 20940 (AKAMAI-ASN1)
1 18.154.63.81 16509 (AMAZON-02)
1 37.157.6.236 198622 (ADFORM)
5 188.114.97.3 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
2 35.71.131.137 16509 (AMAZON-02)
7 8 2620:1ec:21::14 8068 (MICROSOFT...)
2 13.107.42.14 8068 (MICROSOFT...)
4 2600:9000:224... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
3 52.86.238.173 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
48 104.26.5.251 13335 (CLOUDFLAR...)
1 2 185.167.164.43 198622 (ADFORM)
2 2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f17... 32934 (FACEBOOK)
56 18.154.63.19 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 40.160.4.235 16276 (OVH)
2 154.59.122.94 174 (COGENT-174)
2 72.44.44.12 14618 (AMAZON-AES)
2 2a02:2638:3::e 44788 (ASN-CRITE...)
2 4 37.252.171.21 29990 (ASN-APPNEX)
4 7 37.252.171.149 29990 (ASN-APPNEX)
8 18.193.153.136 16509 (AMAZON-02)
22 54.186.23.98 16509 (AMAZON-02)
5 64.202.112.127 22075 (AS-OUTBRAIN)
6 10 2a02:2638:3::c 44788 (ASN-CRITE...)
6 151.101.1.21 54113 (FASTLY)
4 2600:9000:224... 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 11 37.157.4.28 198622 (ADFORM)
1 37.157.4.29 198622 (ADFORM)
32 54.187.159.182 16509 (AMAZON-02)
4 34.213.100.182 16509 (AMAZON-02)
2 6 178.250.1.9 44788 (ASN-CRITE...)
2 74.119.119.150 19750 (AS-CRITEO)
3 192.229.221.25 15133 (EDGECAST)
2 151.101.193.35 54113 (FASTLY)
3 99.81.117.7 16509 (AMAZON-02)
3 23.213.165.82 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
1 35.157.42.67 16509 (AMAZON-02)
3 217.182.178.234 16276 (OVH)
1 2607:ae80:4::25 26558 (FREEWHEEL)
3 3.69.92.105 16509 (AMAZON-02)
1 4 104.18.36.155 13335 (CLOUDFLAR...)
6 7 77.243.51.121 42697 (NETIC-AS)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
5 5 142.250.185.162 15169 (GOOGLE)
1 3.121.27.153 16509 (AMAZON-02)
2 2 54.78.254.47 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 34.250.183.118 16509 (AMAZON-02)
2 2.23.197.190 16625 (AKAMAI-AS)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 1 99.81.243.254 16509 (AMAZON-02)
1 52.92.20.216 16509 (AMAZON-02)
3 34.250.78.204 16509 (AMAZON-02)
3 185.64.191.210 62713 (AS-PUBMATIC)
1 18.66.248.63 16509 (AMAZON-02)
2 3 54.217.36.38 16509 (AMAZON-02)
2 4 108.129.21.249 16509 (AMAZON-02)
1 1 54.216.96.95 16509 (AMAZON-02)
2 2 52.57.164.72 16509 (AMAZON-02)
1 216.46.185.183 13649 (ASN-FLEXE...)
3 141.95.98.65 16276 (OVH)
2 2 35.190.24.218 15169 (GOOGLE)
3 23.32.185.35 16625 (AKAMAI-AS)
1 2600:9000:211... 16509 (AMAZON-02)
1 46.19.11.36 51790 (SIEL)
3 76.223.111.18 16509 (AMAZON-02)
1 52.58.128.62 16509 (AMAZON-02)
1 198.137.150.201 16509 (AMAZON-02)
4 2a00:1450:401... 15169 (GOOGLE)
2 95.101.148.20 16625 (AKAMAI-AS)
2 69.173.144.165 26667 (RUBICONPR...)
4 141.226.228.48 200478 (TABOOLA-AS)
4 3.71.149.231 16509 (AMAZON-02)
2 23.48.23.145 20940 (AKAMAI-ASN1)
2 37.157.5.133 198622 (ADFORM)
2 52.30.133.211 16509 (AMAZON-02)
2 34.117.157.22 396982 (GOOGLE-CL...)
2 18.196.116.41 16509 (AMAZON-02)
2 18.211.93.14 14618 (AMAZON-AES)
2 3.65.6.17 16509 (AMAZON-02)
2 2600:1f18:612... 14618 (AMAZON-AES)
2 85.215.5.31 6786 (CRONON-BE...)
2 54.216.105.108 16509 (AMAZON-02)
3 2600:9000:243... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
5 104.19.218.90 13335 (CLOUDFLAR...)
1 104.19.219.90 13335 (CLOUDFLAR...)
479 109
1    104.17.73.206 (None, )

ASN13335 (CLOUDFLARENET, US)
go.marchofdimes.org
17    2606:4700:10::ac43:a5a (United States)

ASN13335 (CLOUDFLARENET, US)
www.marchofdimes.org
give.marchofdimes.org
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
10    2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
18    104.26.4.251 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.fundraiseup.com
static.fundraiseup.com
api.fundraiseup.com
5    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net
js.adsrvr.org
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
12    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
8    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f6.1e100.net
8832015.fls.doubleclick.net
8    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    23.213.165.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-149.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
6    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
5    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
13    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
play.google.com
6    2.23.209.49 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-49.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    18.154.63.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-81.dus51.r.cloudfront.net
js.ipredictive.com
1    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
5    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
fndrsp.net
fndrsp-checkout.net
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
8    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
4    2600:9000:224a:6e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
3    52.86.238.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-238-173.compute-1.amazonaws.com
ad.ipredictive.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
48    104.26.5.251 (None, )

ASN13335 (CLOUDFLARENET, US)
static.fundraiseup.com
api.fundraiseup.com
2    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
a2.adform.net
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
56    18.154.63.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-19.dus51.r.cloudfront.net
js.stripe.com
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    40.160.4.235 (United States)

ASN16276 (OVH, FR)
sentry.fundraiseup.com
2    154.59.122.94 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
e.acuityplatform.com
2    72.44.44.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-44-12.compute-1.amazonaws.com
px.adentifi.com
2    2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
4    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
7    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
8    18.193.153.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
tags.srv.stackadapt.com
22    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
5    64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
sync.outbrain.com
10    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
6    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
4    2600:9000:224a:7a00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
2    2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ucarecdn.com
11    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
a1.seadform.net
32    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
r.stripe.com
4    34.213.100.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-100-182.us-west-2.compute.amazonaws.com
m.stripe.com
6    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
3    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    151.101.193.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
3    99.81.117.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-117-7.eu-west-1.compute.amazonaws.com
ad.360yield.com
3    23.213.165.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-82.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    35.157.42.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-42-67.eu-central-1.compute.amazonaws.com
ih.adscale.de
3    217.182.178.234 (France)

ASN16276 (OVH, FR)
PTR: ip234.ip-217-182-178.eu
rtb-csync.smartadserver.com
1    2607:ae80:4::25 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
3    3.69.92.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-92-105.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
r.casalemedia.com
7    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
se.semasio.net
2    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
5    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
1    3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    34.250.183.118 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-183-118.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
eu-u.openx.net
1    99.81.243.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-243-254.eu-west-1.compute.amazonaws.com
api.adrtx.net
1    52.92.20.216 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
3    34.250.78.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-78-204.eu-west-1.compute.amazonaws.com
beacon.krxd.net
3    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    18.66.248.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-63.dus51.r.cloudfront.net
pdw-adf.userreport.com
3    54.217.36.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-36-38.eu-west-1.compute.amazonaws.com
a.audrte.com
4    108.129.21.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-21-249.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.216.96.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-96-95.eu-west-1.compute.amazonaws.com
aa.agkn.com
2    52.57.164.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-164-72.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    216.46.185.183 (Highlands Ranch, United States)

ASN13649 (ASN-FLEXENTIAL, US)
global.ib-ibi.com
3    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
2    35.190.24.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
3    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
criteo-sync.teads.tv
1    2600:9000:211e:d600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si
match.contentexchange.me
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    52.58.128.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-128-62.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    198.137.150.201 (United States)

ASN16509 (AMAZON-02, US)
merchant-ui-api.stripe.com
4    2a00:1450:4013:c04::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
pay.google.com
2    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
trc-events.taboola.com
4    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    23.48.23.145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-145.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    52.30.133.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-133-211.eu-west-1.compute.amazonaws.com
visitor.omnitagjs.com
2    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
2    18.196.116.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-116-41.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
2    18.211.93.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-93-14.compute-1.amazonaws.com
jadserve.postrelease.com
2    3.65.6.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-6-17.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2600:1f18:612b:4264:71a5:abfd:648d:2410 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
2    85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
2    54.216.105.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-105-108.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
3    2600:9000:243d:3200:b:1d09:f200:93a1 (United States)

ASN16509 (AMAZON-02, US)
b.stripecdn.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    104.19.218.90 (None, )

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
newassets.hcaptcha.com
api2.hcaptcha.com
api.hcaptcha.com
1    104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)
newassets.hcaptcha.com
Apex Domain
Subdomains		 Transfer
115 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2656
q.stripe.com — Cisco Umbrella Rank: 13887
r.stripe.com — Cisco Umbrella Rank: 6573
m.stripe.com — Cisco Umbrella Rank: 2365
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 12870
2 MB
67 fundraiseup.com
cdn.fundraiseup.com — Cisco Umbrella Rank: 59411
static.fundraiseup.com — Cisco Umbrella Rank: 54477
api.fundraiseup.com — Cisco Umbrella Rank: 179449
sentry.fundraiseup.com — Cisco Umbrella Rank: 202515
1 MB
21 google.com
adservice.google.com — Cisco Umbrella Rank: 189
www.google.com — Cisco Umbrella Rank: 6
pay.google.com — Cisco Umbrella Rank: 3910
play.google.com — Cisco Umbrella Rank: 95
425 KB
21 doubleclick.net
8832015.fls.doubleclick.net — Cisco Umbrella Rank: 921481
ad.doubleclick.net — Cisco Umbrella Rank: 199
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
28 KB
20 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4009
gum.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 1867
sslwidget.criteo.com — Cisco Umbrella Rank: 2480
widget.us.criteo.com — Cisco Umbrella Rank: 27168
dis.criteo.com — Cisco Umbrella Rank: 943
68 KB
18 marchofdimes.org
go.marchofdimes.org — Cisco Umbrella Rank: 581801
www.marchofdimes.org — Cisco Umbrella Rank: 689120
give.marchofdimes.org
390 KB
16 adform.net
s2.adform.net — Cisco Umbrella Rank: 7751
a2.adform.net — Cisco Umbrella Rank: 12667
c1.adform.net — Cisco Umbrella Rank: 1001
dmp.adform.net — Cisco Umbrella Rank: 4001
cm.adform.net — Cisco Umbrella Rank: 1664
41 KB
12 bing.com
bat.bing.com — Cisco Umbrella Rank: 692
54 KB
11 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 793
ib.adnxs.com — Cisco Umbrella Rank: 356
8 KB
10 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
www.linkedin.com — Cisco Umbrella Rank: 944
px4.ads.linkedin.com — Cisco Umbrella Rank: 7294
10 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 625
172 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3050
t.paypal.com — Cisco Umbrella Rank: 3583
89 KB
8 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 4796
17 KB
8 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2137
pixel.quantserve.com — Cisco Umbrella Rank: 1736
39 KB
7 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2396
se.semasio.net — Cisco Umbrella Rank: 19184
4 KB
7 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3674
tr.outbrain.com — Cisco Umbrella Rank: 3336
wave.outbrain.com — Cisco Umbrella Rank: 3465
sync.outbrain.com — Cisco Umbrella Rank: 1287
9 KB
6 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 6229
newassets.hcaptcha.com — Cisco Umbrella Rank: 7636
api2.hcaptcha.com — Cisco Umbrella Rank: 18736
api.hcaptcha.com — Cisco Umbrella Rank: 7827
405 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 818
151 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
266 KB
6 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1255
trc.taboola.com — Cisco Umbrella Rank: 960
sync-t1.taboola.com — Cisco Umbrella Rank: 2152
trc-events.taboola.com — Cisco Umbrella Rank: 2320
23 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
410 KB
4 gstatic.com
www.gstatic.com
101 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
170 B
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
3 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
r.casalemedia.com — Cisco Umbrella Rank: 2571
2 KB
4 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2891
36 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 9341
www.google.de — Cisco Umbrella Rank: 4002
2 KB
4 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1945
7 KB
4 ipredictive.com
js.ipredictive.com — Cisco Umbrella Rank: 29469
ad.ipredictive.com — Cisco Umbrella Rank: 8095
3 KB
3 stripecdn.com
b.stripecdn.com — Cisco Umbrella Rank: 18058
43 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 731
418 B
3 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2019
criteo-sync.teads.tv — Cisco Umbrella Rank: 3178
489 B
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 658
3 KB
3 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3399
2 KB
3 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
373 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1173
1010 B
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 3106
load77.exelator.com — Cisco Umbrella Rank: 6128
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
436 B
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004
489 B
3 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 744
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
692 B
3 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4236
705 B
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 995
595 B
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2512
33 KB
3 fndrsp-checkout.net
fndrsp-checkout.net — Cisco Umbrella Rank: 196518
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
234 B
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2259
insight.adsrvr.org — Cisco Umbrella Rank: 1095
match.adsrvr.org — Cisco Umbrella Rank: 594
3 KB
2 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3522
75 B
2 twiago.com
a.twiago.com — Cisco Umbrella Rank: 28126
306 B
2 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3791
797 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
69 B
2 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1607
843 B
2 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1753
2 KB
2 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 9290
359 B
2 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1124
768 B
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1385
638 B
2 media.net
contextual.media.net — Cisco Umbrella Rank: 1093
2 KB
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14378
630 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1261
648 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2052
928 B
2 ucarecdn.com
ucarecdn.com — Cisco Umbrella Rank: 24308
14 KB
2 adentifi.com
px.adentifi.com — Cisco Umbrella Rank: 16453
69 B
2 acuityplatform.com
e.acuityplatform.com — Cisco Umbrella Rank: 33546
374 B
2 fndrsp.net
fndrsp.net — Cisco Umbrella Rank: 55640
756 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1877
31 KB
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 3028
44 B
1 contentexchange.me
match.contentexchange.me — Cisco Umbrella Rank: 40489
49 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1035
238 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 3432
72 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 973
496 B
1 userreport.com
pdw-adf.userreport.com — Cisco Umbrella Rank: 39122
444 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
390 B
1 adrtx.net
api.adrtx.net — Cisco Umbrella Rank: 48841
407 B
1 openx.net
eu-u.openx.net — Cisco Umbrella Rank: 3669
264 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
266 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 764
98 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1645
344 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
639 B
1 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 5432
38 B
1 seadform.net
a1.seadform.net — Cisco Umbrella Rank: 44866
467 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
5 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 3722
50 KB
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 21734
96 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1429
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
1 KB
0 adsafety.net Failed
cm.adsafety.net Failed
479 87
Domain Requested by
62 static.fundraiseup.com cdn.fundraiseup.com
static.fundraiseup.com
www.marchofdimes.org
56 js.stripe.com static.fundraiseup.com
js.stripe.com
32 r.stripe.com js.stripe.com
22 q.stripe.com go.marchofdimes.org
js.stripe.com
16 www.marchofdimes.org go.marchofdimes.org
www.marchofdimes.org
static.cloudflareinsights.com
12 play.google.com www.gstatic.com
12 bat.bing.com www.googletagmanager.com
bat.bing.com
8832015.fls.doubleclick.net
10 cdn.cookielaw.org www.marchofdimes.org
cdn.cookielaw.org
8 c1.adform.net 1 redirects a2.adform.net
c1.adform.net
8 gum.criteo.com 6 redirects dynamic.criteo.com
8 tags.srv.stackadapt.com 8832015.fls.doubleclick.net
tags.srv.stackadapt.com
8 8832015.fls.doubleclick.net 3 redirects www.googletagmanager.com
adservice.google.com
7 ib.adnxs.com 4 redirects 8832015.fls.doubleclick.net
go.marchofdimes.org
6 www.paypal.com static.fundraiseup.com
www.paypal.com
www.paypalobjects.com
6 px.ads.linkedin.com 5 redirects static.fundraiseup.com
6 analytics.tiktok.com go.marchofdimes.org
analytics.tiktok.com
6 connect.facebook.net go.marchofdimes.org
connect.facebook.net
8832015.fls.doubleclick.net
5 cm.g.doubleclick.net 5 redirects
5 ad.doubleclick.net 2 redirects go.marchofdimes.org
5 www.googletagmanager.com www.marchofdimes.org
www.googletagmanager.com
4 www.gstatic.com pay.google.com
www.gstatic.com
4 ups.analytics.yahoo.com go.marchofdimes.org
4 dis.criteo.com
4 pay.google.com static.fundraiseup.com
pay.google.com
go.marchofdimes.org
www.gstatic.com
4 dpm.demdex.net 2 redirects
4 se.semasio.net 3 redirects c1.adform.net
4 m.stripe.com m.stripe.network
4 m.stripe.network js.stripe.com
m.stripe.network
4 secure.adnxs.com 2 redirects 8832015.fls.doubleclick.net
c1.adform.net
4 pixel.quantserve.com 8832015.fls.doubleclick.net
4 rules.quantcount.com secure.quantserve.com
4 secure.quantserve.com www.googletagmanager.com
8832015.fls.doubleclick.net
3 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
3 b.stripecdn.com js.stripe.com
b.stripecdn.com
3 eb2.3lift.com c1.adform.net
go.marchofdimes.org
3 id5-sync.com c1.adform.net
go.marchofdimes.org
3 dmp.adform.net c1.adform.net
3 a.audrte.com 2 redirects c1.adform.net
3 simage2.pubmatic.com c1.adform.net
go.marchofdimes.org
3 beacon.krxd.net c1.adform.net
3 uipglob.semasio.net 3 redirects
3 x.bidswitch.net c1.adform.net
go.marchofdimes.org
3 rtb-csync.smartadserver.com c1.adform.net
go.marchofdimes.org
3 ad.yieldlab.net c1.adform.net
go.marchofdimes.org
3 ad.360yield.com c1.adform.net
go.marchofdimes.org
3 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
3 fndrsp-checkout.net cdn.fundraiseup.com
3 tr.outbrain.com amplify.outbrain.com
3 www.facebook.com 8832015.fls.doubleclick.net
3 ad.ipredictive.com js.ipredictive.com
8832015.fls.doubleclick.net
3 adservice.google.com 8832015.fls.doubleclick.net
3 region1.google-analytics.com www.googletagmanager.com
3 api.fundraiseup.com cdn.fundraiseup.com
static.fundraiseup.com
2 trc-events.taboola.com static.fundraiseup.com
2 sync-criteo.ads.yieldmo.com go.marchofdimes.org
2 a.twiago.com go.marchofdimes.org
2 criteo-partners.tremorhub.com go.marchofdimes.org
2 match.sharethrough.com go.marchofdimes.org
2 sync.outbrain.com go.marchofdimes.org
2 jadserve.postrelease.com go.marchofdimes.org
2 exchange.mediavine.com go.marchofdimes.org
2 matching.ivitrack.com go.marchofdimes.org
2 r.casalemedia.com go.marchofdimes.org
2 visitor.omnitagjs.com go.marchofdimes.org
2 cm.adform.net go.marchofdimes.org
2 hb.yahoo.net go.marchofdimes.org
2 criteo-sync.teads.tv go.marchofdimes.org
2 sync-t1.taboola.com go.marchofdimes.org
2 pixel.rubiconproject.com go.marchofdimes.org
2 contextual.media.net go.marchofdimes.org
2 redirect.frontend.weborama.fr 2 redirects
2 pm.w55c.net 2 redirects
2 tags.bluekai.com c1.adform.net
2 loadm.exelator.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects c1.adform.net
2 t.paypal.com www.marchofdimes.org
2 widget.us.criteo.com 8832015.fls.doubleclick.net
2 sslwidget.criteo.com 2 redirects
2 mug.criteo.com 8832015.fls.doubleclick.net
2 ucarecdn.com www.marchofdimes.org
2 dynamic.criteo.com 8832015.fls.doubleclick.net
2 px.adentifi.com 8832015.fls.doubleclick.net
2 e.acuityplatform.com 8832015.fls.doubleclick.net
2 www.google.de
2 www.google.com
2 adservice.google.de 2 redirects
2 a2.adform.net 1 redirects
2 googleads.g.doubleclick.net www.googletagmanager.com
2 px4.ads.linkedin.com 8832015.fls.doubleclick.net
2 www.linkedin.com 2 redirects
2 fndrsp.net cdn.fundraiseup.com
2 snap.licdn.com www.googletagmanager.com
8832015.fls.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 api.hcaptcha.com newassets.hcaptcha.com
1 api2.hcaptcha.com newassets.hcaptcha.com
1 hcaptcha.com b.stripecdn.com
1 merchant-ui-api.stripe.com js.stripe.com
1 e1.emxdgt.com c1.adform.net
1 match.contentexchange.me c1.adform.net
1 s.ad.smaato.net c1.adform.net
1 sync.teads.tv c1.adform.net
1 global.ib-ibi.com c1.adform.net
1 match.adsrvr.org c1.adform.net
1 aa.agkn.com 1 redirects
1 pdw-adf.userreport.com c1.adform.net
1 s3-eu-west-1.amazonaws.com c1.adform.net
1 api.adrtx.net 1 redirects
1 eu-u.openx.net c1.adform.net
1 sync.crwdcntrl.net c1.adform.net
1 idsync.rlcdn.com c1.adform.net
1 load77.exelator.com c1.adform.net
1 ps.eyeota.net c1.adform.net
1 ads.stickyadstv.com c1.adform.net
1 ih.adscale.de c1.adform.net
1 token.rubiconproject.com c1.adform.net
1 a1.seadform.net
1 wave.outbrain.com amplify.outbrain.com
1 sentry.fundraiseup.com static.fundraiseup.com
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 pagead2.googlesyndication.com ad.doubleclick.net
1 insight.adsrvr.org js.adsrvr.org
1 trc.taboola.com cdn.taboola.com
1 s2.adform.net go.marchofdimes.org
1 js.ipredictive.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 cdn.resonate.com go.marchofdimes.org
1 amplify.outbrain.com www.googletagmanager.com
1 cdn.taboola.com www.googletagmanager.com
1 js.adsrvr.org www.googletagmanager.com
1 cdn.fundraiseup.com go.marchofdimes.org
1 give.marchofdimes.org www.marchofdimes.org
1 static.cloudflareinsights.com www.marchofdimes.org
1 fonts.googleapis.com www.marchofdimes.org
1 go.marchofdimes.org
0 cm.adsafety.net Failed c1.adform.net
479 136
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-15 -
2024-04-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
fundraiseup.com
Cloudflare Inc ECC CA-3		 2023-05-22 -
2024-05-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-11 -
2024-01-09		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.ipredictive.com
Amazon RSA 2048 M02		 2023-03-14 -
2024-04-11		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sentry.fundraiseup.com
R3		 2023-12-30 -
2024-03-29		 3 months crt.sh
*.acuityplatform.com
Go Daddy Secure Certificate Authority - G2		 2023-04-13 -
2024-05-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-09-09 -
2024-10-07		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-13 -
2024-08-20		 10 months crt.sh
cps3.ucarecdn.com
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.seadform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-08		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adscale.de
Amazon RSA 2048 M02		 2023-07-18 -
2024-08-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.userreport.com
Amazon RSA 2048 M02		 2023-11-20 -
2024-12-17		 a year crt.sh
*.ib-ibi.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-21 -
2024-04-02		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA		 2023-05-29 -
2024-06-04		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
hb.yahoo.net
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
itm.ivitrack.com
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-07 -
2025-01-06		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 33 frames:

Primary Page: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Frame ID: 975FCCEC5D022B794AF29C47796D892F
Requests: 170 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Frame ID: 42887158EF4CE59617F6821A54CCBF09
Requests: 1 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Frame ID: DBAD00A3BB81F22168811C7700723468
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&upid=b8lvzxo&upv=1.1.0
Frame ID: 219CACEE68095BADA8ED966F20917D66
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Frame ID: 537CA36BF29A360D255C2B65D552A92B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Frame ID: B4D09A5CBFAC1576CA8E41BE43FF78EE
Requests: 1 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=107549&cache_buster=1704204807&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&val=undefined&tn=undefined&p1=gtm.js
Frame ID: 5DB3A970CEF96F88A9305E011F83FD61
Requests: 1 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Frame ID: 6BBF4A37F56B6B2C6AB538B615AAAE0C
Requests: 19 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Frame ID: 9BA21321297897B1B651ADA1BC520554
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/
Frame ID: 9AD9C9AD3FE4FE068FDEB1747560FD55
Requests: 13 HTTP requests in this frame

Frame: https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Frame ID: F955EAFBE462FDD128C1E1FC48FA5EEE
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 63FFD78DCC6528CC0D07DDB7C554EC24
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: BCCD1EA3CB13323BE09578B429B6308E
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: 4BA860BEDD6D58454FE8F9DF0646B639
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: 8AFC077FDA11D020D7FBB71C18319636
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Frame ID: 8BC700D686802BBD68CEA0CA7638DAB1
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 8DB40E5553922209CC83A4F33539AF0A
Requests: 6 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 59E9DBEC3F1CD598A06B1AC5FA61DB40
Requests: 4 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Frame ID: F31D5C12FDC01648DCE98A03E901309D
Requests: 20 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Frame ID: 314283A50584AE9B98E6A3005B600B6E
Requests: 41 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 63E96AC1B1CDE1062A718381F5D20F54
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 5480182148A901000DC7DAF9C576043C
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 293048622EEAB54B38A7765F7F3B6503
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Frame ID: 575FFC93D3B29D2D2E0B7AA9B80F823C
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Frame ID: 17A3F978484A4AFE080A11946DC5ACCC
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Frame ID: 17780B98A42C313C85C9057DF9A26827
Requests: 2 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: E3ECE19B0F7BEBCC5F641779EF7A2AE3
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_gid=CAESEBrSlcsh53A7HjhMVvPgQ_U&google_cver=1&google_ula=913071,0
Frame ID: 5AB32DEBAC120DF2D531F48F56E927EB
Requests: 30 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_gid=CAESEBrSlcsh53A7HjhMVvPgQ_U&google_cver=1&google_ula=913071,0
Frame ID: FB9FE5F64FE2E77F100C9CEC1B69C8D2
Requests: 30 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Frame ID: F843D0A2DAEDE81C350E119F1238FD99
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Frame ID: 2A140048C5B35FA5D86DAEB401FF93A6
Requests: 5 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=6c371f68-68db-460a-8fbc-84ba56e9cff3&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: E11548C61BD78A1FE68D35FFBB31956B
Requests: 5 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=sr2esco6vmn
Frame ID: 553A786A8759E3846B84421522119C8B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Donate Now | March of DimesCloseCloseCloseCloseCloseCloseCloseCloseBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8D... Page URL
  2. https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

479
Requests

93 %
HTTPS

28 %
IPv6

87
Domains

136
Subdomains

109
IPs

9
Countries

6231 kB
Transfer

21220 kB
Size

90
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM= Page URL
  2. https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Request Chain 55
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Request Chain 65
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CI7imNHxvoMDFQDyuwgd6VQDoA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 66
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CIrlmNHxvoMDFXyc_QcdmUwIiA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 94
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204807194&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204807194&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3446297%26time%3D1704204807194%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204807194&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204807194&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&cookiesTest=true&liSync=true&e_ipv6=AQKa56Tjc0B0dgAAAYzKha8TXICk6HekUONor2lTPlCdBq9v_4m6QfKPa_XwzDZDDkqnWdsf-0L6mFe_ZBmptBO926goag
Request Chain 108
  • https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=424021668857&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=424021668857&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 109
  • https://adservice.google.de/ddm/fls/i/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w HTTP 302
  • https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Request Chain 111
  • https://adservice.google.de/ddm/fls/i/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w HTTP 302
  • https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Request Chain 134
  • https://secure.adnxs.com/px?id=1282070&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
Request Chain 135
  • https://ib.adnxs.com/seg?add=22494154 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
Request Chain 161
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204807555&url=https%3A%2F%2Fadservice.google.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2179642%26time%3D1704204807555%26url%3Dhttps%253A%252F%252Fadservice.google.com%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204807555&url=https%3A%2F%2Fadservice.google.com%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204807555&url=https%3A%2F%2Fadservice.google.com%2F&liSync=true&e_ipv6=AQJTiOifKOpPYQAAAYzKha9SuZcHasn7jsZ7pejgzQHpUDNHc2Q31hH8MpHoCgkFthxqcdUDLGjGY6BODCkfOpUPtjQpDA
Request Chain 185
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Request Chain 222
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.marchofdimes.org&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=j4GtinxrQjVtZU5icGluK0dHU2ViRTdaMTBCTGdET3BRcmcvS2dxTHJIbVNvR0h4MEU0aFBoVUNWWXVkbVFoaGxES3FvSHdLRzJjVnl5YVoydWs4TTI2b20va0g4Z3VvTmNFV1BNMFpmeFpSSXh5WXFIRXMyWWFPemNackVoVHRmdzlROFg2dWtKMUdxVER6UExMd04vV0pHMUpyN3dPaXBjcnBVSGlpajltWXNNUnpVS0ZDbGhLbS9lNUJTd1I0SytkWnBXbUQvak83eWVHZ1dWYy9uRmxFVTlaanVjOUpxSUgrNkVxUmJnaFZTcWF2UEdKYXlKc1lEMm8xV3djOWFlbm1JWXNocFhDSkYweFJsQm1wSTd2YnZqSThzd2gvVFExaE5GMXNkb2RPaXF0aGxXS3NxN2NSRjRmcUpyVWk1NWx1MEowNmoweHk1SkFta2R0YUY4SC9GRnc9PXw&cppv=2
Request Chain 263
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=LwwhN19RN2NyWjc5b3pRcEZhZ1h3U096Z2NhRUVLJTJCZzB5WWQlMkJqRlNNWWRYaEZvbW4lMkJmZDVCU284aHhRNmNGT3NSem1DZjl0MnhwRDBnUHB1V05OZ0k4akd3MGwzSGxaSWVJQ3dTQU5zSEE0RHEyQWxjZzdsSWtaMTE5U2FwV1k2akxTc0FDNW5xWTN1N25JUm5majQwRGxnQmtBVnIlMkZQQmFwWnhjdkFLRTlvSE1DRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=5d855b8b-6907-4118-a960-1790f1180064&dtycbr=9713 HTTP 302
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=LwwhN19RN2NyWjc5b3pRcEZhZ1h3U096Z2NhRUVLJTJCZzB5WWQlMkJqRlNNWWRYaEZvbW4lMkJmZDVCU284aHhRNmNGT3NSem1DZjl0MnhwRDBnUHB1V05OZ0k4akd3MGwzSGxaSWVJQ3dTQU5zSEE0RHEyQWxjZzdsSWtaMTE5U2FwV1k2akxTc0FDNW5xWTN1N25JUm5majQwRGxnQmtBVnIlMkZQQmFwWnhjdkFLRTlvSE1DRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=5d855b8b-6907-4118-a960-1790f1180064&dtycbr=9713
Request Chain 267
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=LwwhN19RN2NyWjc5b3pRcEZhZ1h3U096Z2NhRUVLJTJCZzB5WWQlMkJqRlNNWWRYaEZvbW4lMkJmZDVCU284aHhRNmNGT3NSem1DZjl0MnhwRDBnUHB1V05OZ0k4akd3MGwzSGxaSWVJQ3dTQU5zSEE0RHEyQWxjZzdsSWtaMTE5U2FwV1k2akxTc0FDNW5xWTN1N25JUm5majQwRGxnQmtBVnIlMkZQQmFwWnhjdkFLRTlvSE1DRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=1642aae7-40ee-4288-b25e-89b2d5918673&dtycbr=11267 HTTP 302
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=LwwhN19RN2NyWjc5b3pRcEZhZ1h3U096Z2NhRUVLJTJCZzB5WWQlMkJqRlNNWWRYaEZvbW4lMkJmZDVCU284aHhRNmNGT3NSem1DZjl0MnhwRDBnUHB1V05OZ0k4akd3MGwzSGxaSWVJQ3dTQU5zSEE0RHEyQWxjZzdsSWtaMTE5U2FwV1k2akxTc0FDNW5xWTN1N25JUm5majQwRGxnQmtBVnIlMkZQQmFwWnhjdkFLRTlvSE1DRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=1642aae7-40ee-4288-b25e-89b2d5918673&dtycbr=11267
Request Chain 319
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9021619587798447779&expiration=1705414407 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9021619587798447779&expiration=1705414407&C=1
Request Chain 320
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=9021619587798447779&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=9021619587798447779&sInitiator=external HTTP 302
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=9021619587798447779&gdpr=&sInitiator=external HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7319503916052904087&sInitiator=internal&gdpr= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=6791097123189565003&sInitiator=internal&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=M0UxRTcwMEI3QzcwQkIxMw&gdpr= HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESECrbGBvru4CYCNqINFhSFfU&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESECrbGBvru4CYCNqINFhSFfU&sInitiator=internal&google_cver=1&gdpr=
Request Chain 322
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9021619587798447779 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9021619587798447779&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 327
  • https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTAyMTYxOTU4Nzc5ODQ0Nzc3OQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOAgPQzFqfFRN9EFPDWy9B8&google_cver=1&google_ula=1641347,0
Request Chain 332
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=3&id=6791097123189565003&redirect=1 HTTP 302
  • https://secure.adnxs.com/setuid?entity=91&code=9021619587798447779
Request Chain 335
  • https://a.audrte.com/a?adform_uid=9021619587798447779 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmNobW1ZaEl2QWZUMVdEdGxqUVNWM3cxdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 336
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=9021619587798447779&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=9021619587798447779&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=07137639159710534292821716892233515511&noredirect=1
Request Chain 337
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=9021619587798447779 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219673204749002746026
Request Chain 338
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319503916052904087
Request Chain 340
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=g0c21uF31RkFwk5
Request Chain 344
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=4231305551 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=153r76wK3n.kJjBBZk0e1O
Request Chain 353
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=2&topUrl=www.marchofdimes.org&bundle=LwwhN19RN2NyWjc5b3pRcEZhZ1h3U096Z2NhRUVLJTJCZzB5WWQlMkJqRlNNWWRYaEZvbW4lMkJmZDVCU284aHhRNmNGT3NSem1DZjl0MnhwRDBnUHB1V05OZ0k4akd3MGwzSGxaSWVJQ3dTQU5zSEE0RHEyQWxjZzdsSWtaMTE5U2FwV1k2akxTc0FDNW5xWTN1N25JUm5majQwRGxnQmtBVnIlMkZQQmFwWnhjdkFLRTlvSE1DRSUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Zdb22HxqRE96TlBNUkFneGdEOVhtY1pGZVpJR3FnYXRLWVdXR3BQRndRSHMzUWdkM3V3cTVsWjFKMFRDTXp6c3B3dDFldzltK1k3UUJOZnk3djlGMDB4V0p6b3FpdW56ZEZ6bkdsUXdDNVM0WkNxbkRYajZVTjFpaCs5NDFiWTBMQ01KWGo4c3RvaHdiZnRqa1kzSU5KSmRVTUZLajlEMTVKa2ZpUy8yT0RtV0wybGhEOFB1YlZlQjRONHd6SEFRRU9yVnN3c1dYVVZhbDIzZGxuMHEremxOMVdKMldCdDR1eDhieURNRXRTMStUWjN2VzNvOFowSnRWa0xsYTBIWkJJeXNpY0MrUW1UdXBzOXlXdUU1dlY5U0FmbE81bDZlbWdaaHlTemo5NFZxb0RmZ1MyZUp1K3pmd0ZOeDE1eUw0VU1HUWRyR1M2UDl2TWNETzRDa2E2UUEvTGc9PXw&cppv=2
Request Chain 383
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_cm&google_hm=ay1IOEk0Y0FiLWJfS003ZWdRLWstLVB6SVZuckctRjQyeEhLVVhBZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_gid=CAESEBrSlcsh53A7HjhMVvPgQ_U&google_cver=1&google_ula=913071,0
Request Chain 385
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6791097123189565003
Request Chain 397
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TZ3T0zh5Rfqsh23U6JXPY3_baMt4hGoP
Request Chain 410
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_cm&google_hm=ay1IOEk0Y0FiLWJfS003ZWdRLWstLVB6SVZuckctRjQyeEhLVVhBZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_gid=CAESEBrSlcsh53A7HjhMVvPgQ_U&google_cver=1&google_ula=913071,0
Request Chain 412
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6791097123189565003
Request Chain 424
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Zm1QHehA7EMVdS37-JRrEnbgkDM08w9G
Request Chain 441
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XsZHyliKydcwlEFxJRXpVSvnciC_xQV3
Request Chain 442
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=M_QItZYCjORyEcGQZMpksBntAj8vi_Mr

479 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0F... 		754 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Server
104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-bJllDBUUdZRtgBeZn0kap9QbNbpIQbmnE9m/sWuOPfQ=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
83f39a409e1c1919-FRA
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Tue, 02 Jan 2024 14:13:25 GMT
Server
cloudflare
Transfer-Encoding
chunked
cache-control
private, no-cache, no-store, max-age=0
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-bJllDBUUdZRtgBeZn0kap9QbNbpIQbmnE9m/sWuOPfQ=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
referrer-policy
strict-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
a616addca930559f
Primary Request donate-now
www.marchofdimes.org/ 		39 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc680fbc98eb3c5f28221082a68d7965195badc857a7ffcea811bc9abaab411f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://go.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
must-revalidate, no-cache, private
cf-cache-status
DYNAMIC
cf-ray
83f39a428fd3922f-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 14:13:26 GMT
expires
Sun, 19 Nov 1978 05:00:00 GMT
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-drupal-cache
MISS
x-drupal-dynamic-cache
UNCACHEABLE
x-frame-options
SAMEORIGIN
x-generator
Drupal 9 (https://www.drupal.org)
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
css_i_IAUTuyaYflulzov9QOquZ0DRt2fYtf1VYDyYjfHo8.css
www.marchofdimes.org/sites/default/files/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/css/css_i_IAUTuyaYflulzov9QOquZ0DRt2fYtf1VYDyYjfHo8.css
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c193a2e64fe803deba1f8c52fbec46e6a2089c546d8b18dc1f9a56ec4ca692
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:52 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=8629
etag
W/"94f-60d0d56313bb8"
vary
Accept-encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83f39a492d78922f-FRA
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eefe1e7d99ab4810bfb479ff54c275efb459b6ae9abfebfd221c4a518ead27d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 13:47:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 14:13:26 GMT
css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
www.marchofdimes.org/sites/default/files/css/ 		172 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26dd3e70c1aa731ac4c5a27ac65c200ceb2756eca0ae5862e8fab8b7d4985dd0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:52 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=177163
etag
W/"7d61-60d0d563bea18"
vary
Accept-encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83f39a492d79922f-FRA
x-xss-protection
1; mode=block
rocket-loader.min.js
www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
server
cloudflare
etag
W/"6581a422-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
83f39a492d86922f-FRA
expires
Thu, 04 Jan 2024 14:13:26 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83f39a494d450859-FRA
sprite.artifact.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		6 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/sprite.artifact.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
234
etag
W/"19d4-60d0d34b0c580"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39a492d88922f-FRA
x-xss-protection
1; mode=block
js_3zKdJjwbnH4zY-ZXfGrKTGbJMU4AUVlFIlJ8EY1UCvA.js
www.marchofdimes.org/sites/default/files/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/js/js_3zKdJjwbnH4zY-ZXfGrKTGbJMU4AUVlFIlJ8EY1UCvA.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f55809ae21d5dcfb8a6e01596d12eb88c0630f7e0aeff4c285b981df7864aed5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 30 Nov 2023 23:17:54 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=24764
etag
W/"19b1-60b66dc85ec70"
vary
Accept-encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f39a4a1e39922f-FRA
x-xss-protection
1; mode=block
reminder.js
give.marchofdimes.org/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.marchofdimes.org/reminder.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
183d1f7f458dfc35496d9eb446598b1b96658ab4dc316b23cea4cd7bfcd4c8ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 02 Oct 2023 16:39:53 GMT
server
cloudflare
age
234
cf-polished
origSize=6204
etag
W/"e6ce93114ff5d91:0"
vary
Accept-Encoding
x-powered-by
ASP.NET
content-type
application/javascript
cache-control
max-age=14400
permissions-policy
interest-cohort=()
cf-ray
83f39a4a3e53922f-FRA
js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
www.marchofdimes.org/sites/default/files/js/ 		160 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/js/js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c09f9bc171c32544001b130b5ed1f7f2e2b8c1ac817823452288bc678afc57e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:56 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=165577
etag
W/"f117-60d0d567acfa8"
vary
Accept-encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f39a4a1e3b922f-FRA
x-xss-protection
1; mode=block
google_tag.script.js
www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/ 		348 B
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/google_tag.script.js?s6mzfy
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2717d806962fe1e4c9810ca869fb82c8bbd86638ca6787d01ff8c947c20df3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 02 Jan 2024 13:43:11 GMT
server
cloudflare
age
234
etag
W/"15c-60df6adf03f18-gzip"
vary
Accept-Encoding
content-type
text/javascript
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39a4a1e3c922f-FRA
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5rel+BW+cbOCNkEJ4C4NBQ==
age
42046
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:19:55 GMT
server
cloudflare
etag
0x8DC026A943751A5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d530a67f-201e-0007-3283-3455e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39a4a2b6f65c2-FRA
fcdafeaf549fc682810d.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/fcdafeaf549fc682810d.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c73ae3eda72c7eef8b13c75031180df1d81626dec2a68a846094d697fec3546
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:07:43 GMT
server
cloudflare
age
2852
etag
W/"1fb9-60d0d2abc8dc0"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39a4a1e40922f-FRA
x-xss-protection
1; mode=block
truncated
/ 		200 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fbdec47eb761902c4f7d14ccd5a3b97bbaca6a18d485482157fff7f97684d3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		743 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cc76e7f5b027b2566d97e2701af7b605a376c4a0487302d2634bbceb67eb349

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		538 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4471ccb98d7627f19e1fd997e5562b4be936baf86b6597eb63330c6843fc59c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
019696b175f8558a9f629b596b30b4715bf1219fbee3e3588dbacfb1582df84c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		328 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e944de09b6e048d89b1dff57baf718b2ac1dc0d273e55560decb4c82cc828c8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		325 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52142e0671ba7294da28434e2a92636b8848c1fe284fe09543c4e8f7e4716d11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
116448ff3191f74560d6d91c76cebc18ec741564aa62d5c6f8bdf8f611e8a2b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
218b91569ad8f0a5cf1aba89f3957966ecffb7b5852ca25b709bd8f887a00c90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		521 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7176a2935514018f4c12a99dccc108407f9f4bdd7c1be1a097cbec7a90fb7542

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		518 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa2fdddfcb25552a1713673a954bc864de1a7b22dc0ebe664fe8ddb6bcb21ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		392 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
420a436e0e9e1c48a2f9ce50b59fdb2b805d0274cc20fa569fd1726c4dbf90e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		389 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b73c2239b5b0ae6e051cb135734dc2101aeaf9032dd6b2c29ce9679330fc0bd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		583 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b81f50d6d819dd6d6aaf0cb6402329f0479c734ad2f0918eb9f8366b66f78c83

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		580 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a79623b8606d1583bada494ecdaac61b10440ba7a0da23185892f9d86f172dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		535 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24049fb41335d87d82a9faea10cf9aa2a0ef868037667b029d2953a940cdf67b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		532 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b410913850321efd333e39ddf1a5d49a433b29721126ec6d785f8f039e98bc32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
329746577f94a4f1785e.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		123 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/329746577f94a4f1785e.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
234
etag
W/"1eb4c-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39a4a3e4b922f-FRA
x-xss-protection
1; mode=block
7ef1e78abcb43e957eec.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		130 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/7ef1e78abcb43e957eec.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d663da5e7f6fe773fda5fe642d04a71cd988f1132b343edb5be914d44a1f534
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
234
etag
W/"206b0-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39a4a3e4d922f-FRA
x-xss-protection
1; mode=block
09a9e3080c1a5236f325.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		131 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/09a9e3080c1a5236f325.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1802297dea21b3e6a860ccb64dac092312598f1743b8b6b9dd6c30adb4bfe45
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
2852
etag
W/"20b6c-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39a4a3e4f922f-FRA
x-xss-protection
1; mode=block
f58d53eb72d7239d4ca8.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		129 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/f58d53eb72d7239d4ca8.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
234
etag
W/"20448-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39a4a3e50922f-FRA
x-xss-protection
1; mode=block
e78d3d4f87bc060c0a1a.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		131 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/e78d3d4f87bc060c0a1a.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
234
etag
W/"20a90-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39a4a3e51922f-FRA
x-xss-protection
1; mode=block
ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c.json
cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c9ef99aae6896ff764e44f3cc121359d2a42dc49389a16a8b236f6e8aacfca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
10371
content-md5
g/KZi3qFt3L2oPImJ/jgJw==
content-length
1475
x-ms-lease-status
unlocked
last-modified
Tue, 10 Oct 2023 13:15:27 GMT
server
cloudflare
etag
0x8DBC992F85E777F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
75061c8f-701e-008c-697b-fb518d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39a4a996e65ce-FRA
expires
Wed, 03 Jan 2024 14:13:26 GMT
AJPYNTWD
cdn.fundraiseup.com/widget/ 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fundraiseup.com/widget/AJPYNTWD
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c539677a5fa924b3f663fbe2026616c64bd4080701b43c04e6489f9d31ccb87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"700361656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4MltLB%2BVZ3Sfpw%2BuL3Dzf7o6XQOnG1bHvIWmjzyye8NfA3bhgaPm%2BLsdVTvWoltKcsjcuXCIdnx9BqwtJ342qTmxgTFj%2BVVpTdl7beXdcE%2Bb8J32DAMhE2GvVeANy3FYMneJYU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
83f39a4ab9ba5d9e-FRA
link
<https://static.fundraiseup.com/8404ac38d731.elementsApi.js>; rel=preload; as=script, <https://static.fundraiseup.com/embed-data/elements-global/AJPYNTWD.js>; rel=preload; as=script, <https://static.fundraiseup.com/3.5405c7d5a80b.async-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/2.f1965a53d878.elements-langs-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/0.a67f871726a0.elements-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-vendors.90571ef5681f68c03c51.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-styles.5314794eb173af8226ff.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js>; rel=preload; as=script, <https://static.fundraiseup.com/sentry.46ead00774987992ad1f.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js>; rel=preload; as=script
alt-svc
h3=":443"; ma=86400
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202309.1.0/ 		424 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wp4bduWb8cLN8oREjFODhQ==
age
22583
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
104423
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:28 GMT
server
cloudflare
etag
0x8DBD0539A07337D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ebd2dd6e-701e-000a-56c3-139d34000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39a4adc2f65c2-FRA
gtm.js
www.googletagmanager.com/ 		362 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/google_tag.script.js?s6mzfy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7ab9076f2aae769d76e16fc79b147c0cde926233d585fb3a184cc0b80f1c8433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109260
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:13:26 GMT
sprite.artifact.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		6 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/sprite.artifact.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/js/js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
234
etag
W/"19d4-60d0d34b0c580"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39a4b0ef0922f-FRA
x-xss-protection
1; mode=block
en.json
cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/03dae8d3-1490-4973-98ef-e49e49eac3e6/ 		91 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/03dae8d3-1490-4973-98ef-e49e49eac3e6/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2fe02b994fdded9fe3acc3f595150e738f4a0c34d9a41e76a6627be26b5352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
32928
content-md5
pmspCWhZwPW8+QqTyR8o7Q==
content-length
18521
x-ms-lease-status
unlocked
last-modified
Tue, 10 Oct 2023 13:14:55 GMT
server
cloudflare
etag
0x8DBC992E56CEEA8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ff622e96-301e-0079-457b-fbc5a7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39a4b0a1165ce-FRA
expires
Wed, 03 Jan 2024 14:13:26 GMT
rum
www.marchofdimes.org/cdn-cgi/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.marchofdimes.org
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
83f39a4b1ef4922f-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ku3O1VFWoltPW4n5m1lGVQ==
age
66967
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:22 GMT
server
cloudflare
etag
0x8DBD053964DC527
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6e914481-501e-007f-5f93-0cf618000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39a4b5a6d65ce-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xznrm5/jaKmHSjGeIIkHOA==
age
23564
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12708
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:24 GMT
server
cloudflare
etag
0x8DBD05397A0A023
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
3b583b4f-e01e-0055-63e6-1d2908000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39a4b5a6e65ce-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
405
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d8b77f44-101e-00a5-15e6-116ff9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f39a4b5a7065ce-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
65195
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:20:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a9d61206-701e-0078-3ca2-349a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f39a4b8ab665ce-FRA
MOD_Logo_Donation.png
cdn.cookielaw.org/logos/619fa1da-f983-4882-ba6d-40627ba6ce87/a03b80d6-3bea-4390-97a7-fc8fcf47da90/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/619fa1da-f983-4882-ba6d-40627ba6ce87/a03b80d6-3bea-4390-97a7-fc8fcf47da90/MOD_Logo_Donation.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b57a6d97fc4340e01339086713fe15bc8c6bace25a8fa8b8682558c953c444a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OUtpBJgltqUBYxR5JoTCtQ==
age
405
content-length
20107
x-ms-lease-status
unlocked
last-modified
Mon, 03 Feb 2020 15:42:50 GMT
server
cloudflare
etag
0x8D7A8BFB9C0ADEB
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
d1d73800-f01e-003b-7786-0c7c27000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39a4b9d7c65c2-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
26782
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:20:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a220a8b7-a01e-006b-498a-34be77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f39a4b9d7d65c2-FRA
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a25a6a4e9998707ab4dff5713e0150206403d814bb3963372e5db1fb555999e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86207
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:13:27 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-1-118.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 05:34:13 GMT
Content-Encoding
gzip
Via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 Dec 2023 01:34:49 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P2
Age
31175
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
I9Qe-L55qRClFtw3tgOCPujk8lZPS2dgILXEtwEof4PdoTak6O1XSA==
js
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8832015
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34dd264e6c13ffad5936e8c03270caee4d5c75a223e4c83928d54cc9b29dcffb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67456
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:13:27 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 13:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1510
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 02 Jan 2024 15:48:17 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1335104/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ceee682f306a64e8cf1b48d513f71a81dc852709cf2b36b3d9b3719fac0b0fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
CPjc27vK9QkggOQSCDqJ5FsgXBZJ9dxj
content-encoding
gzip
via
1.1 varnish
date
Tue, 02 Jan 2024 14:13:27 GMT
x-amz-request-id
MCBHMDAX4XV4X5K9
age
61
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
19973
x-amz-id-2
Gdh6a7kMxGRYIpWOuCzSFvhR4E3KDxWynrs2sa3oG9bRYceZhiCErA/obJzxc93k7Zusr8xziLA=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Sun, 31 Dec 2023 11:30:35 GMT
server
AmazonS3
x-timer
S1704204807.023875,VS0,VE6
etag
"4c28249a704a2eee05e8cffeb2135111"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
87
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
insight.min.js
snap.licdn.com/li.lms-analytics/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=75618
accept-ranges
bytes
content-length
15541
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:13:26 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1A4F6DED67C34D7894555D1DCDC2EB6D Ref B: FRAEDGE1909 Ref C: 2024-01-02T14:13:27Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
activityi;dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=...
8832015.fls.doubleclick.net/ Frame 4288
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafv...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;d...
987 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
1e165aced676a44dcfe63358d61c5de8b973540a500ec01e742ef190f2b2fd1d
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
604
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafv...
8832015.fls.doubleclick.net/ Frame DBAD
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;ua...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1...
989 B
782 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
d2d70ab946fae1486dabd3b40d7e8b4754fd37f1bfdafbddd6129ee6c46d98a1
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
610
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:13:27 GMT
obtp.js
amplify.outbrain.com/cp/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:13:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 13:05:28 GMT
Server
AkamaiNetStorage
ETag
"928c0d1860f13b981036d5c18f950ac2:1703078882.762337"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7779
Expires
Tue, 02 Jan 2024 14:33:27 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:13:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
G5ljjCe9jOZbCZePkmklKRfZOaOVZWso+89BI/Zew3lPP9F1pQM1MVgng3E8o+rjKPX2Z6ny9Muhl8KnATf3YQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/101125894/ 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/101125894/analytics.min.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
83f39a4c0e8a4d2e-FRA
vary
Accept-Encoding
B21591273.227039140;sz=1x2;ord=871948834737
ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=871948834737?
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
99efbd5bb0ba6e33c15483b4857717f271a05b11f637905e2a5079004170cb99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14769
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimize.js
www.googleoptimize.com/ 		128 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-W2ZD7L3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8166e6a7d3fe9fdc26b2f8a0bff105a647c884e550c57225b9cc660d0be6b278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50505
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:13:27 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-49.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9f0e84423364abfd9e2fccdf384d965cdaf5f88947b48c6e3bc351c39bd3c835

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
ea5a924.2b69e89a
date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240102141327F131B0410257DB4026E1-006DD0ED45E5EB2B-00
x-cache
TCP_MISS from a23-62-213-113.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
106,23.62.213.113
server-timing
cdn-cache; desc=MISS, edge; dur=108, origin; dur=7, inner; dur=4
content-length
1941
pragma
no-cache
server
nginx
x-tt-logid
20240102141327F131B0410257DB4026E1
x-cache-remote
TCP_MISS from a23-220-104-219.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.220.104.219
x-tt-trace-host
01ef509897cf8d658a0ad904f93095073bdb80c9f3d2b778b4137dfcbe4813d8a537853c92801eed04f03f4b5d120f5f4f6bd2fb0ca53a9a30d59d924e99e5a5484a81e6d2404538d49439722bd548ce4b54ae46017585b5cc12ebfb66fb4cf3de33ae3368f62ba641f2f6ae8c8ab1dfb0
expires
Tue, 02 Jan 2024 14:13:27 GMT
adelphic_universal_pixel.js
js.ipredictive.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-81.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
via
1.1 c9b630de734c38e36e97554a32ac1a68.cloudfront.net (CloudFront)
last-modified
Fri, 30 Sep 2022 15:42:59 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
age
121
etag
"83b469155694c51d4c5581028a6788bc"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2108
x-amz-cf-id
lz_cj9Xb_Nvc_lE3CexG1KyNU3buGkthgnaQ5BHGiX05F97-wOJMfA==
trackpoint-async.js
s2.adform.net/banners/scripts/st/ 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
last-modified
Tue, 23 May 2023 09:56:34 GMT
server
nginx
x-amz-request-id
tx000004a99d1e4c6dfecaa-00646c8ee1-32950a49-default
etag
W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
B21581475.237971066;dc_pre=CI7imNHxvoMDFQDyuwgd6VQDoA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CI7imNHxvoMDFQDyuwgd6VQDoA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;ta...
43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CI7imNHxvoMDFQDyuwgd6VQDoA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CI7imNHxvoMDFQDyuwgd6VQDoA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B21581475.265419780;dc_pre=CIrlmNHxvoMDFXyc_QcdmUwIiA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CIrlmNHxvoMDFXyc_QcdmUwIiA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;ta...
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CIrlmNHxvoMDFXyc_QcdmUwIiA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CIrlmNHxvoMDFXyc_QcdmUwIiA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8404ac38d731.elementsApi.js
static.fundraiseup.com/ 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3de7a0f6d4d192cc931ffc60dcd9c41cf823614d8fe3264c7553611853a2dc52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA2FN8C5607QYKWS
age
18628
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
hq8/zlDkrBEn2/AGY65t4RE5RXDVyr2+gTd70YK15YAZpy1LxZGD8KffmX50kA9A0ikw5T/6Qf8=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"a1890ed56981ecf46c638b122d04247d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjEbRpPeobRRBBaSjniXaLRBM5ZMVVihN1kmDRZ9G3Jvgcc7QF5%2FMyN5ndj%2B4dAy%2F4Gv4%2B90jPefbJC8Vt%2FH1wJDuQ5Ilx9MD7DWNilrlSpbeBc%2BPJjQuUCvyY%2FT4bmisfr9y9SVKUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4beb095d9e-FRA
AJPYNTWD.js
static.fundraiseup.com/embed-data/elements-global/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements-global/AJPYNTWD.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50703a9859028e070c5ba54517ac39c873fcfc5015907f5dac21c78648ccbdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PCTQFG6JD9MCG443
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
W50rBrNwSj8sxKsBNAkgsVM2kN9/sUSaMRhAdiq/1D0A217qNpEys+gBwhfTkuOyhtCL2D9qrxY=
last-modified
Tue, 02 Jan 2024 14:10:16 GMT
server
cloudflare
etag
W/"63cb5dadcb23c4e25551f1e7511c5365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lskgHX5ko7vPBUM1WW0Q4%2BcjT0b%2BUXqo6G6sYtxSwdA9486IKGlTQF495kG9KI1six9KbLsPKd%2FSIWN6IzvdqRx9CsXFfjxSEhICbQkwO0X%2FpMuId4Vyh09eJdCZfYSRzElEfMjrGU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39a4beaf25d9e-FRA
3.5405c7d5a80b.async-vendors.js
static.fundraiseup.com/ 		102 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3.5405c7d5a80b.async-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fda46ad6de82ed65908428f090ab3cb24da2b2ab22e3f19e2713e94eecdc907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9BZ83A8VB1YCEY57
age
623014
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
fcmoURCjOT/Z7DP+9UM+18FXqM3sT1Q5RhykcvGXpx0qHFxggGw6CdaoKZ+SFJ7+S4QqV7oW2Fs=
last-modified
Tue, 26 Dec 2023 08:53:44 GMT
server
cloudflare
etag
W/"b78f8a914b2aac0785a820267d8712d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3KVQGsr%2Fnghkzc6v61e%2FU%2FHSEqnY9KO7wv7p1CV%2BHkA5rRYqYmhQIukfdEEXwv1eu%2BcCnKc3%2FTUa2fwqJXw4giQDfGAWEElmykAW%2B9Jz%2BfFIpV%2BGBgqeqeNnSH7HRUysCn3%2B7oB92Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4beaf35d9e-FRA
2.f1965a53d878.elements-langs-vendors.js
static.fundraiseup.com/ 		295 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2.f1965a53d878.elements-langs-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c963fd1212d60ca1c683bccb3c3ace830cdedc1dccf7256c112a9708f9e7cf88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V7ZV6V0C5TVCEB
age
362026
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
DEBeUDcbhBuNTGseMJG1V+YnEa+UPicJXs+gdsBoRvbf6GjmT9EoR4zp7THi/AkG0scDWxRzWCA=
last-modified
Fri, 29 Dec 2023 09:23:28 GMT
server
cloudflare
etag
W/"86230c72ced6be65504232d51156f84a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlkC2c7ajFYO1suRKhYeDCim9%2FNkT38c433kdeJm5xmgadi4Ji8EUMVpFja45MjKFPN43EDlvDpT1IuVwvpUWAJaI6UuQd%2F4bXEJoB6Tw%2BAHsQEem40UU0myzs39F63g%2B%2FvlVm%2FNuXM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4beaf65d9e-FRA
0.a67f871726a0.elements-vendors.js
static.fundraiseup.com/ 		62 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/0.a67f871726a0.elements-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642d50bf95258a7181203326b05c08982dc5298ff21982594594a2ece141bed8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V6N0QFAKX4BFFV
age
362026
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Q7L0pxTNr0psgszyHQDcw4o8Fwzu4ZDbfLth3q69gRTh1sO2yp3ynzKMhgktQWL1UP09aNXP65M=
last-modified
Fri, 29 Dec 2023 09:23:27 GMT
server
cloudflare
etag
W/"dc6cd5ef97018916a1e5cc76f51b6029"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Betdkbm7iwQXK1BN%2BAVWNjxcLz9Gkr0uVTCDhIyrMGpOQKXUU%2BXeBL9NR1FS9VlMm%2BonsQF4N3aaOyIyBNbzQ%2BKweMuzhAHVrayqT3v4PZoIrOcb9VKWsHPFWBVhAbFSZDzSQeL8%2Fao%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4beafa5d9e-FRA
checkout.677091bbeb21f0afc5db.js
static.fundraiseup.com/ 		311 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b59918ab6733c57a8a7a9d6a1968d29e79df70c67909ddf241e029d0c15230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA23S49AJXJ280CG
age
18627
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
XpjwJN+7GWpCQJur1wSOIRn7CtPAhGzAgKKrMZwBBY+MJTgmtajqQNaLFmDaPCyAlmyRhUUrNjU=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"52c4020f627c9a2863287f67e826bf65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rk4FlI5PVDsaRKpDZjdxzP6zbsSHRymuzOsqYS0RQI0lo9%2Be0uvAH%2F9Uge%2F3EPs1oHoSGIQhguI3lyp67G%2BooZ63uDXf4%2BsFURDEbmCWIjYyyoKTTKIXkU3KKBFDieFGUDSz0llLvw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4beafb5d9e-FRA
checkout-vendors.90571ef5681f68c03c51.js
static.fundraiseup.com/ 		325 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-vendors.90571ef5681f68c03c51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ee34fcf7db9c8bc2412f47c264d8de575c2d477198cabc635ba538ddcd77f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CQYYB1WB1XF6X4CC
age
970862
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pMOUC2kkzbzntFTzFntk176AwgIGXNLJsC4wJyUxNRGSgjypMm/TGoSDQ8Q7VcfdC0tBPgFdTUQ=
last-modified
Fri, 22 Dec 2023 08:14:34 GMT
server
cloudflare
etag
W/"aed625f3509871737d1044d3a87ee8b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LA2mvc4SusxZ%2F7IOZIQtNgf5xfLuL%2FLYaKt8vAAk%2FZjhZKG0BpklHR4ubs5NGxqOB9Vm5rxSkhMpxtvNNDKhFsHFQm0SxL0Cg4az6KTioE8FxZyyz%2F9B8DtmJF%2Ff%2FfCdS%2B263subwqo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4beafd5d9e-FRA
checkout-styles.5314794eb173af8226ff.js
static.fundraiseup.com/ 		118 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-styles.5314794eb173af8226ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a900b2a6524b9f6a640eddeda6e045bea4aff194c9203ea660e6db5743b69b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA23GX1JW7ZTTZS2
age
18627
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CkwxCFIWjlSTJXwFSnB+ElVgIw5wSifXB9DIDeZijW0Jcs5UT3nOHzWP4GG3ZRZSFb43ISYyPy8=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"7d4d7c4dcf370f6ba0a1600c8277782b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hlo2kURice68e0oZcdFyWWaEUjZb6unyFfPlPbGyeRNTO9sFtkfpJge8inftJx0qeHAEcthPS9KEbD9bJU5qH%2FsH0E3%2FQaLcQxPW6Oc1ZlPe5ZAiefL7FriJF6p%2FC39VOK1l5NWji94%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4beaff5d9e-FRA
checkout-sentry-vendor.bbaab79af6ac4ae5c523.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HGGKTGCE1YZJMSDZ
age
1675777
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
M+w43jSCHQSas6McrOwuQwgzIUYcou3C9DSnhph0wEyr9HpWTu4JBe3lPiX6TEs4ht/esiZjbeY=
last-modified
Fri, 01 Dec 2023 08:27:18 GMT
server
cloudflare
etag
W/"e8cb215ba1bf6e188dcd93c7faa7d814"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFrx0rhM1vrLp0pUgDaEK4MQlikoT7%2BA%2F%2BQA8%2B5lt74stvyIZZkwEPPms8brxEGFZ19PuQjmEz5VcNxvNfI5RmdivjXXU%2FoHixpf7AYOAOypvzJrTosre1dxfrfPmXkMmarmFY43ENY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4beb005d9e-FRA
sentry.46ead00774987992ad1f.js
static.fundraiseup.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/sentry.46ead00774987992ad1f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f300f66c1304e23bfc15a23908129f0b10ff24c89f5a2727bc52735acda82d57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CQYG7TEAVBKC73TH
age
970862
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pVPLpC4JYH/X4NVh1NlR4Ynj1dLH9PNpzsAZe5ReZLApdi2F6+xSNQJAZ//8zCP5Cb8+ukQxQqk=
last-modified
Fri, 22 Dec 2023 08:14:35 GMT
server
cloudflare
etag
W/"d325c5401c790cdad1125c429c0a3570"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkTtE1LAC2%2BsgME9pNc7W0d7XvLeLXayVMMdAjD4eQS7ylMio23%2B0Voq2lMz0WPpppcIb6Kbcl%2Fc1enSQz7%2BtxT%2Bdx6e9f7aHpt%2B6p%2FNCF7DLbk4Ms1ifZFaIKG9uC7VAd4pnaVFkbs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4beb015d9e-FRA
checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js
static.fundraiseup.com/ 		193 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae885067159b6a4c7f153446d01bd1e0405d0acd180089840397091758a42695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V1ZK6TEKGC2F71
age
362026
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
HsfujrA+k1UKvFlvFqNT9p5WwVToMwIMs8iwMccJuFCcSOnuyYW2F74ee6t5X1VIfj75hQb/aIs=
last-modified
Fri, 29 Dec 2023 09:23:32 GMT
server
cloudflare
etag
W/"a841186be43e9817bb06608166c38a47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goQhiQO6TUVKvMl9gm8w7ltAlzqrBv%2FAhhNSyUpWoaRjGH2DnKTiLHruTJ9Ob3N82CUVhP2Aa%2BE24u6IzH8Q0n0gZ8ywhDTU1KcvlwtxaWi%2BoumojX42pN2o5nUkVezYbmbhyCPYfaY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4beaf75d9e-FRA
tb
fndrsp.net/ 		2 B
496 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0xL3vB9kFH9ozr%2B00uWaiPjqMz4n1PxKqf0aj3In2yZoLRYsMAry%2FcDFIRlS%2BLy6ByZy3%2BQYRc04YCgnLLNGQVggEy2NX%2BYBqS5%2BWyjJ8nQWttXF%2Flk7woRRWcj"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39a4d9bf85800-IAD
alt-svc
h3=":443"; ma=86400
resolve
api.fundraiseup.com/checkout/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/checkout/resolve?key=AJPYNTWD&livemode=true&livemode=true
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82fc02af46ba3ab5b7bc46bc74c979c125eb281b4482036d29ce292c4981ca06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

fun_c_status
HIT
date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
fun_cp_status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
fun_c_ms
14
alt-svc
h3=":443"; ma=86400
fun_cp_ms
108
fun_t_status
HIT
server
cloudflare
fun_t_ms
113
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8g1bkUzuBPKR5DyiR65Lo2jtk2JrbrUgk0cfUzyiYuIK%2BXM%2B6N4qax8%2BrWhWFZwlYwIxSJ5rmm2f40rJ82u2lhiudkW0NWJ8KrLhDTlAMh2Wc8sVoJ%2FFNgCCb%2Bx1OqbFCvjqfY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39a4c2b4c5d9e-FRA
XTDESWHR.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XTDESWHR.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517aa5c6549c92ef5244d8e9df5d662310d50ca9419b12b9157e67ff640be3b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
A3819GG2J2PWCW2Y
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
LR8+SICLFbXG8a9ksYxtbR/BN6DcGzBW7kv38/Nsh2j3tymBsOzJrkTzU/mAnM+cvqB7YOYJJ48=
last-modified
Tue, 02 Jan 2024 14:10:14 GMT
server
cloudflare
etag
W/"88a40ec077d8e3a73aff5ba0a8ae0127"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uz0Q25ZSglmw8ND5wEG7k%2BE7jliovvPOJfYlR5FjCp5dbIxJHGpIjKGNBLRq%2FyERXXCJWQ4zdABfZIjcokLH86KDKylDLijQPpl7Okyu96B5umVwy8Eh6sL%2FwXC01TWE2uHcm5zMIQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39a4c2b3f5d9e-FRA
XKPELUWA.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XKPELUWA.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff4e5a01e8dd93a69abd5a5531d53cd891f65134c552718134e0adeda2be295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TMSQ0XNR5G3PMZQQ
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wMy6XrMl3YsFXIjy3o9XtpQnZ2OCBJu5Ri+3n3KFuXO+/D0JgIYOi31j3obx2MIPirtkSDxOqGU=
last-modified
Tue, 02 Jan 2024 14:10:19 GMT
server
cloudflare
etag
W/"d9ccba06a738c5e01e9a85a29f1da6f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICCANj7d%2BTDMCj0ky%2F0IwJCQ3mRac1pg1MGrhHPwib33XW1L5H0T5nWGcxjTvMD5u7VPEVPjhfCHHnHoN6Ku1q0djIWZd3oMXcfleLfhqs22325tEmatFgtMdIHM%2FGbuTvQN5UY72k8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39a4c2b415d9e-FRA
XXTZBBEE.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XXTZBBEE.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6109a9264c6bb75eaf69d45fd3fc6f193794adac940245584a014c10d334dda5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
68WCFG22F4P8T3JQ
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/JEcokEK8Os4CkOsyIfxU+UsMIcH8/e+dthsGZnhXD2Q0caICYG+O68wcyiRYnV91GZofg9spDM=
last-modified
Tue, 02 Jan 2024 14:10:23 GMT
server
cloudflare
etag
W/"e6e67bdaa2cd00905d537372a5883457"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnQ1eAjHgWnKl%2F2DrGMERmu6gWAjNymewN96OsLtTmC22%2FpMjgGNP4vLp7VR%2FjzMDd9jLQcuCjGjDTTPhQXdAMt9X3DDeeF5fxVN%2FdJ85gUn9ryq1sjmJ3SEsjoKFRvDE0WeXM3Tk1E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39a4c2b435d9e-FRA
XPKFWDNY.js
static.fundraiseup.com/embed-data/elements/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XPKFWDNY.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb218a2b6a039eaf89cbd37cd1555bc0f0398efdffde33a410990feda30a3c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CG3E81HYMN82VGAA
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QZPlOFJaViOYCs2lvYR9Citf8iPfkhYPR7LDPkGRz22R7Q7lp3o034xTdj09me9hQrv5pZyxXXE=
last-modified
Tue, 02 Jan 2024 14:09:11 GMT
server
cloudflare
etag
W/"b6f45d082613bd164faa1972ab35be8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJe%2ByhfeYAt9bB%2BjuRuAKjySxEM1WPnF1LfGbr9FTd7FYhYgZSOlbYSoHIrn44Ryl6IZ9FHYa5Ba92YL0%2BzkiDFanwTbD4yR6D4qb8x1sz15mpFcAhF4MsFJZ6oDokhoCFUUsxg6I%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39a4c2b455d9e-FRA
XJLGKPSJ.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XJLGKPSJ.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac93c14f7863cc7b7df8e279a534c4940cae9a66ae48192761c6b7c5986eee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PCTHJRRZ2ZKM4ZPN
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8QJDrI1v242LeLVWKrbJiCFLXVnbaL1mmZFJ/A+XsyGVla88U0kNRPAPHZTKCQa6T0C4BSSei7E=
last-modified
Tue, 02 Jan 2024 14:10:16 GMT
server
cloudflare
etag
W/"d0e28a7707e3fe1515e6d50b834b1cdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BG1L5SqYBHl0e7rpqJh3LthB2DMt6E0tzZ9xajpHRdLGdCVFSTkpaeeKuxq%2BpOpaFPY3gq3HHnhJQOw0PZAvSg0zvm16CgaKC7m8YGvIXZxBrlrhii5oqTeyyfHnEI%2FvpJeolf7JNRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39a4c2b465d9e-FRA
js
www.googletagmanager.com/gtag/ 		207 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e30c033f4ed981b095b1f2313a46397ade450ba7224cac4334c9dba5896b4e51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75637
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:13:27 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
95819f207a256af456417b5a31267ab69f0bd99cb0e1d82ee5696c6db751f229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80922
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:13:27 GMT
collect
www.google-analytics.com/j/ 		3 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=189531773&t=pageview&_s=1&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&ul=en-us&de=UTF-8&dt=Donate%20Now%20%7C%20March%20of%20Dimes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1198573547&gjid=1374902587&cid=110285396.1704204807&tid=UA-219864-60&_gid=861030391.1704204807&_r=1&_slc=1&gtm=45He3bt0n81WNJ3K3Pv894218235&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1142361690
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1335104/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1335104/trc/3/json?tim=1704204807116&data=%7B%22id%22%3A230%2C%22ii%22%3A%22%2Fdonate-now%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1704204807106%2C%22cv%22%3A%2220231231-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%22%2C%22e%22%3A%22http%3A%2F%2Fgo.marchofdimes.org%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtruenorth-marchofdimes-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22OneTrust%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22%2CC0003%2CC0001%2CC0002%2CC0004%2C%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1704204807116%2C%22ref%22%3A%22http%3A%2F%2Fgo.marchofdimes.org%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bf43c24568a7c7e1b15e9e7de353f3d702a7010cffcdc18be89d75cd987acd88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
22
date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.4103125
x-fastly-to-nlb-rtt
7569
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230073-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1704204807.135644,VS0,VE22
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
25017097.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25017097.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:13:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AC33CD82CFBD4E6D9E0125FD462A280A Ref B: FRAEDGE1909 Ref C: 2024-01-02T14:13:27Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25017097&tm=gtm002&Ver=2&mid=fca156f8-906e-4027-b43f-4942910319ae&sid=190a49a0a97911eeb94be77a41386c64&vid=190a67d0a97911ee86d7f3d3d4f4f16e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20Now%20%7C%20March%20of%20Dimes&p=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&r=http%3A%2F%2Fgo.marchofdimes.org%2F&lt=1304&evt=pageLoad&sv=1&rn=467960
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:13:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 11B896DF00EE4B69B0F4578E2E7E8A80 Ref B: FRAEDGE1909 Ref C: 2024-01-02T14:13:27Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
1621384747882069
connect.facebook.net/signals/config/ 		135 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1621384747882069?v=2.9.138&r=stable&domain=www.marchofdimes.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4bc9b49ae6ec81de78cb07234ba748e5f186b819079eca3e7e82db4690641275
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:13:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
NEjkGDAy9RqdFwydIyOeEtBPkc5mpyNkATbkSaB4yjoQBVXZcn/9UXjE41C6cgB1nEcrAPTwduu9oJvPKaGJpA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724z8894218235&_p=1704204806879&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=110285396.1704204807&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704204807&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=page_view&_fv=1&_ss=1&tfd=1684
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
up
insight.adsrvr.org/track/ Frame 219C 		0
60 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&upid=b8lvzxo&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Tue, 02 Jan 2024 14:13:27 GMT
server
Kestrel
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204807194&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204807194&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3446297%26time%3D1704204807194%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204807194&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204807194&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_mediu...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204807194&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&cookiesTest=true&liSync=true&e_ipv6=AQKa56Tjc0B0dgAAAYzKha8TXICk6HekUONor2lTPlCdBq9v_4m6QfKPa_XwzDZDDkqnWdsf-0L6mFe_ZBmptBO926goag
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: CD3F370357854873B5EC8FCF976DD408 Ref B: FRAEDGE1917 Ref C: 2024-01-02T14:13:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9xo3BuUpx0QZscWZkw==

Redirect headers

date
Tue, 02 Jan 2024 14:13:27 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: CF9571FE38AC4A1EB6B1D0A2693EFBD5 Ref B: FRAEDGE1218 Ref C: 2024-01-02T14:13:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204807194&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&cookiesTest=true&liSync=true&e_ipv6=AQKa56Tjc0B0dgAAAYzKha8TXICk6HekUONor2lTPlCdBq9v_4m6QfKPa_XwzDZDDkqnWdsf-0L6mFe_ZBmptBO926goag
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9xoznvFMbHHmi5cWjA==
rules-p-4LjrHyeV3QUW4.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-4LjrHyeV3QUW4.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:6e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2aa9b0ccf31fe34e187c3b09bec7e9d8fccdeb48a5b2223d9f80df2a8790a6af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:02:30 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
657
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:45:31 GMT
server
AmazonS3
etag
"52b67ed0d6de08757c0affd0509ae576"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
1GTAA0ttr3khTAHpMvdrXVN1o7zMWxrr7X2onIkn67LAKAIFRgzYEQ==
dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;ua...
adservice.google.com/ddm/fls/i/ Frame 537C 		986 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14da571158b9b3e44ffae6109bcba7f2e85fe5d13baaf6a60082edfe9483ba5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
602
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=871948834737?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 03:36:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 03:36:07 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstD2NWez5XdpYot0w1xaiKmxYbsokeJVlXNcZtAzR3XhiAP45FjiPvkMXCmxkPZBsxVW7CqKZbB73vz1IOGdb1UPss5uIp1Lixu0tofQ8dKqDcJIY_9MJyeK7_LSK-njvWqyglwRKT4xJcbyt7OtpZeghDZSg&sai=AMfl-YTHpVSKtrxF-c6jBVYgaObrfTcv7bzB2zOoGcsrC7bDb2fPePGvf2kOEfchvq6liEhPPgnSR8ojEv4g60c&sig=Cg0ArKJSzL_YxEh-bj9QEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20231207.33113&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=871948834737?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;...
adservice.google.com/ddm/fls/i/ Frame B4D0 		988 B
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e8c9891301f11c066f70e0850c6b4c34c70b63893a43733d52b997913455a56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
611
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
event
ad.ipredictive.com/d/track/ Frame 5DB3 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&cache_buster=1704204807&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&val=undefined&tn=undefined&p1=gtm.js
Requested by
Host: js.ipredictive.com
URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.238.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-238-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 14:13:27 GMT
X-CI-RTID
426d2172-6c33-41b2-be1f-0dd3e75dc8bc
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/?random=1704204807242&cv=11&fst=1704204807242&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&auid=1938801499.1704204807&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67195d5af97892b1ab9fb5d5fe5e77c8f01895e254995833b4aeb702d12bb1ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1542
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/?random=1704204807260&cv=11&fst=1704204807260&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&auid=1938801499.1704204807&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a664963b7c5a8f09710d18e3a44b741e7b9fb7691d7b4ba4481d77989d2fd932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1542
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MWNkZmM2YTcxMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		420 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-49.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8eeb23a1dcd42802d5d861556c6ae4848a05fd28cd22bb8ed884015b62eefd9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
2b69e985
date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231221122602B02A47BA49BCDB18C3E4
x-tt-trace-id
00-231221122602B02A47BA49BCDB18C3E4-4E98F795A618F8A5-00
vary
Accept-Encoding
x-cache
TCP_HIT from a23-62-213-113.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
011188ee5fc10b96e784a647ac4b56dfed223904dda7ac12c380ec8ce79948c8dfb1b3fd53a4e7858faccc97e5e6ad8b0886889a9aca928490499eb9457424c4be24dda4684927d81543c70c33190458ab82b26dc970e2c708d8bc55ba46e568aa
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
112295
1.5872cb4a8c7e.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js
static.fundraiseup.com/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1.5872cb4a8c7e.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9719b638317091bed0ab518c0ef99c5dbf1a3083d8b481673d376c47b3da124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0AA9CJX2WPQH3S5J
age
2179773
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
M0IUZa7ANn8FpB1WdE1S6seCezV7wjuRiv6aAd5oSKVuT4qHfQgTArASvroa0oFpp9Zdpo6Seyo=
last-modified
Fri, 08 Dec 2023 08:26:00 GMT
server
cloudflare
etag
W/"f57799c72cbd1c6941978c660aaa9f6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeLtgqmpO3p8Ox7%2FEP7nADnC8QEyrzAv6Y1Inb8iudYOko5IpcNjETqkm35svqkhr6ZuHEzPKS7gg4%2BplELLuNDzweHpeufBODPSFDih4csjEkBSP%2Fzw3htJexDq5rzjwb5qhJ0Vmb4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4d9e43367e-FRA
389.813e7f9b9882.text-link-v2.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/389.813e7f9b9882.text-link-v2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed0a4e695771f9903b95ac84166dbb8b89a5f6ead020bdba7fccce3d082e2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32VBK1NW4YFJKKK5
age
362018
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
l1jrJI6jB5lgPXT1G1zWqv8xKjWLaT3wOEWuj9T3zfsixubZ5dcRb29BeEQ9kBSSAHQGC+UtFdU=
last-modified
Fri, 29 Dec 2023 09:23:30 GMT
server
cloudflare
etag
W/"ccadfbcf047d907051c579f0f7f797dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gbKox%2FgKPQFZXJt%2B7GewbeK1iS6dQkRcMuY8eY7DNOVpfPuyn431STxgS8rMSdUTipPJi%2BtKAN2EvTq0zngfzM3W1X2PduKlWmxhO1QnFz2ze85%2B%2FkXnZ6FFJmvn3SsNRhyt1wgDa0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4d9e45367e-FRA
307.3df928c14096.donation-form-v2-styles.js
static.fundraiseup.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/307.3df928c14096.donation-form-v2-styles.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81cde3f01b38120a310a1511896c42f68a46f83b6a5ea874ca447de65563cdc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ES69K1DQCTJ9XXEY
age
361916
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
AZBXt08i9LZBmG2RTd2xx2/EGyNusfk+xCmrtPK3vZcy6zHLq97wMnd5GSUxIXdlcP29GkOMAMM=
last-modified
Fri, 29 Dec 2023 09:23:29 GMT
server
cloudflare
etag
W/"7b20bde1eae8635ea029b426c8f07f8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BHCLrNy7Bb5HmilthsILcWcUbU8wvay5MvETPotDAxBvBpp25MlAHOkOp2oQdHZwbPmE7W6Zw8vggqAhAYx%2BCfKnGN3tNTMwWaGiiU8asRSKQ%2F1wwfm76b8y5TV%2FM%2F46sLaz%2F%2Fehm8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4d9e46367e-FRA
305.1b1d79659d99.donation-form-v2.js
static.fundraiseup.com/ 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/305.1b1d79659d99.donation-form-v2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b2231b86974817ee296cd79e82374ecaae68b096638100e4bdd0b0386a2997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QZV0T76D5C9B0DTH
age
361916
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
m40zCus7KxF7u5fmjs8cjvRhYC+ZTqw819EaCmbQoAceh428bco++Xh71sbtRzjZ6kt7GJ53Yfk=
last-modified
Fri, 29 Dec 2023 09:23:29 GMT
server
cloudflare
etag
W/"6e5927e25767d3d52a94d444fade75b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFS%2FHFVNBxvW3KpCIPL2NpVMLrdacVZWnv19Nmez3EjVXQoRfefe1Eb%2Ba%2BmO6fYEZqPMzGEfbkKNjCN2gfa1EnGLnL7FXt5D5dq645o8ETI81cKgt7rXUq7%2FpfAuMRXTxcg1sZxp0Wk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4d9e48367e-FRA
/
a2.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=424021668857&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00...
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=424021668857&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312...
850 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=424021668857&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Server
185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
49a67c940b597e96c08904d9225c325462f2f4c3202986896702c2e4ed3676ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
686
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=424021668857&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;...
8832015.fls.doubleclick.net/ddm/fls/r/ Frame 6BBF
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps...
  • https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
c93ed8dfb7caea390d2193a55559b350b711974a5e0b4173b968573b6194dbc3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1593
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:27 GMT
expires
Tue, 02 Jan 2024 14:13:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1621384747882069&ev=PageView&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&rl=http%3A%2F%2Fgo.marchofdimes.org%2F&if=false&ts=1704204807314&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1704204807313.455058338&ler=other&it=1704204807145&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:13:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;ua...
8832015.fls.doubleclick.net/ddm/fls/r/ Frame 9BA2
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=s...
  • https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;d...
2 KB
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
b20d59f253b64071fbf66fdb532ab7de85010449846016eb6697b131c3c33b0c
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
786
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:27 GMT
expires
Tue, 02 Jan 2024 14:13:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel;r=450851439;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dma...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=450851439;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w;ref=http%3A%2F%2Fgo.marchofdimes.org%2F;uht=2;fpan=1;fpa=P0-1661369522-1704204807196;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=marchofdimes.org;dst=1;et=1704204807322;tzo=-60;ogl=type.Page%2Ctitle.Donate%20Now%2Cdescription.March%20of%20Dimes%20donations%20go%20towards%20lifesaving%20research%20and%20advocating%20policies%20%2Cimage.https%3A%2F%2Fwww%252Emarchofdimes%252Eorg%2Fsites%2Fdefault%2Ffiles%2F2022-11%2FJAJEES_v2%252Ejpg;ses=9c0b1c77-c9fb-4464-a5aa-a9ebd0089025;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
4537.6416dff170ad2bc44ace.js
static.fundraiseup.com/ 		255 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225cd565a241fd2329d7fbdc32be0c9d94ac4692b5f9b507454604980a418c70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PT5EBCS9XXGR9BCH
age
1829733
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
3mw3g6ltuYzA0iSeWXIp6LFhQmHkq4vQqxbuWakxhhUIyE/lphGv6gCByr8xCb12HG1vu6ytYJg=
last-modified
Tue, 12 Dec 2023 09:38:59 GMT
server
cloudflare
etag
W/"6631e21e1b1afb4c947a250e1103a883"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eF7DwPGRxzfsSZIBSyLeFdAKtqLdt%2BCNq2Rz69kZhehPb83hikE%2BmYAn41HUtn1hadsDExwJDg%2FHdjuBDw3zP%2B9Y4SKWdwf76hbFQ26%2Fp9Bx4op3jsG6FZVev0DEv0Ez5ZrtTeg82Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4dde8d367e-FRA
checkout-locale5.7e0a358918592a77200a.js
static.fundraiseup.com/ 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-locale5.7e0a358918592a77200a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0759fd6bed5370e4bc3c573dedceaeef9d7b64efc7343a10d0b147ac0b04ad53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4TA0TZRRDX7XY7BT
age
18473
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Aww5YaBX2qZzkFks32BHI5cOZFwomFDCfd/pHn2jngEynBn4rIBlx31WYJ2KlJGm01HK/aZmj/M=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"56b3b76377ff34bb2c3f1fee29151d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POH5YwWS%2BCIam%2FDhbrejPvcIqDDiXcohwLZzboi5MA8Drg1sDgpq0EQ1aCSKf1l8XR6lUIeM04nFPcmNi%2BeY8%2Bq%2FyBMg13u2c1tonEf2ILqz20TERZ02YbcTi3UIrzKxBtCQ9a5eyuM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4dee9f367e-FRA
/
js.stripe.com/v3/ Frame 9AD9 		579 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:47:18 GMT
server
Cloudfront
etag
W/"4ec63ff996d5aa25b29f0a90d2021ae0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
A1j6da0Mgunj1kHAEY00Q9FVgZgNFLEr9hHSKxK2T61FVAw2b2P_2g==
/
js.stripe.com/v3/ 		579 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:47:18 GMT
server
Cloudfront
etag
W/"4ec63ff996d5aa25b29f0a90d2021ae0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
wwJ_2HLqdGS5GBjTAvPS7UPl2G-2D338x-ccMS7Txoq5QI559SMLwA==
identify_ce767.js
analytics.tiktok.com/i18n/pixel/static/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce767.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-49.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
2b69e9e7
date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231221122608962DAE8B9300C318CCBC
x-tt-trace-id
00-231221122608962DAE8B9300C318CCBC-2098CDE49D43843A-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-62-213-113.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
011e103c6abe313ce4ae6a0e2b2f63ab210900bcd9d17b8429691748ed15bc1589c18cc7273e02f7397fbbaba3c474397bedcebb40c67f6feed32dd991cccad5b1cddc4a697ee67173204a978769151cc25bcad6b8872ed14b1a7eb34d24392f41
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
36037
pixel
analytics.tiktok.com/api/v2/ 		0
845 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-49.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
5a8db06.2b69ea01
date
Tue, 02 Jan 2024 14:13:27 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240102141327690E6161FF9925DDF697-3EF8C84B0DE69E77-00
x-cache
TCP_MISS from a23-62-213-113.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
154,23.62.213.113
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=64, inner; dur=61
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240102141327690E6161FF9925DDF697
x-cache-remote
TCP_MISS from a23-220-104-215.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
66,23.220.104.215
x-tt-trace-host
01ef509897cf8d658a0ad904f93095073bdb80c9f3d2b778b4137dfcbe4813d8a5afaac4f89e483b8adbeedb53dcdc30712ada6dff50e9e26dedfc3449c8ff57dc9a9c1993a64866a576562c2f39b87e35a856f5ca1b43bc67f88f652350b41ec88a49fbb2dfbb726e0d598c392876e969
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:13:27 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
703 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-49.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
2b69ea02
date
Tue, 02 Jan 2024 14:13:27 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240102141327ABAEBBFAE3659C46CB3F-2DA5E67F08CF6DC9-00
x-cache
TCP_MISS from a23-62-213-113.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=55, cdn-cache; desc=MISS, edge; dur=5, origin; dur=146
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240102141327ABAEBBFAE3659C46CB3F
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
146,23.62.213.113
x-tt-trace-host
01ef509897cf8d658a0ad904f93095073ba99ec3b45b19ae02ec554b241c97cd222857e9018a0f39a966d2ef8b51b6624604c8c8f667d344d8128af2a3f1dcd0cbc0a90f819742fa004857c460f02c5ef2b5664696d051420b0f6febedd0c4473c
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:13:27 GMT
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ Frame F955 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
AR2AXRS8DTR59APK
age
1174215
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
53064
x-amz-id-2
dHgD6bq88io6Eo+rNLsYn5iQoAP+Mr6OUPe/k08nfTwOz6Ago7Wv23k0kDBVuggy1SUcs7rZguA=
last-modified
Wed, 06 Dec 2023 09:28:26 GMT
server
cloudflare
etag
"c9e466876957e9d2128f63b225a81ae3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh6Yl8rgDUc9jO39H10hmsPdvr0idq3CNIGFcuTl0mEPckfUZcR9wkzFzXRNm4HSMpi%2BHLXpS693mH0e5Ul4vp2WrLDOMeyKtl7kOZAfr9DEjPGqZACzg7%2BiQ%2BXWY%2B1tBecdkRHc4uo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39a4e7c23bbc2-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ Frame F955 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
667Q8VVQ2YMF41T4
age
2347801
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56996
x-amz-id-2
PDmpmp4IH0kzpEMv9/xH/gmgM8jJ/pClLcVY1njzPZj4pEyhEZHjno2g0S/aKXoQd78WUv4X/Xg=
last-modified
Wed, 06 Dec 2023 09:28:25 GMT
server
cloudflare
etag
"643ad5d92cd7c31076790077c3003abc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIdLXtRSSMeWR9mn0ryrzw9RzGCiauq7DSMHWt3KabsBVK2HChO3UDbeBadBQFgd8fzuISjU%2BE3SGRJFJ%2BQ%2FejHULpSpYuEg%2FKhRP50iAKt%2B3XI1lagS%2FrwLyOzbbHU7Jz7alFRQmJ8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39a4e7c26bbc2-FRA
/
www.google.com/pagead/1p-user-list/794610601/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/794610601/?random=1704204807260&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_zrBRzN524Lr_zAIF_Nh7baKbU8iw_ErgYiMM4fG2zviUR01-&random=3455590358&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/794610601/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/794610601/?random=1704204807260&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_zrBRzN524Lr_zAIF_Nh7baKbU8iw_ErgYiMM4fG2zviUR01-&random=3455590358&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1071894384/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1071894384/?random=1704204807242&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_5Yi2bnKU-S_1JvnCgO6C186L1GtC0HWAGSAkk-ufnrGZAYzU&random=2475340239&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1071894384/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1071894384/?random=1704204807242&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_5Yi2bnKU-S_1JvnCgO6C186L1GtC0HWAGSAkk-ufnrGZAYzU&random=2475340239&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sentry.fundraiseup.com/api/9/envelope/ 		2 B
165 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.fundraiseup.com/api/9/envelope/?sentry_key=e4f08d23cf4e4dd080d8b4853ea3f102&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
40.160.4.235 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.marchofdimes.org
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
date
Tue, 02 Jan 2024 14:13:27 GMT
server
Caddy, nginx
content-length
2
vary
Origin
content-type
application/json
event
ad.ipredictive.com/d/track/ Frame 6BBF 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&val=&tn=8514793536088&cache_buster=[timestamp]&ps=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.238.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-238-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:13:27 GMT
Connection
keep-alive
X-CI-RTID
5711b282-11af-4eed-a891-78c58575a34e
Content-Length
0
p
e.acuityplatform.com/ Frame 6BBF 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.acuityplatform.com/p?pk=9020304230610356278&pg=26254
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.122.94 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
Pixels
px.adentifi.com/ Frame 6BBF 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adentifi.com/Pixels?a_id=3405;uq=57280007;
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.44.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-44-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
ld.js
dynamic.criteo.com/js/ld/ Frame 6BBF 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=81237
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
4149.32a922016f7e5178a83a.js
static.fundraiseup.com/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4149.32a922016f7e5178a83a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
564997debc20f446a4f38720248e1dbaaaa15ee5e40de23c946a0af7aadc6b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3E06S1657JWYXZ9J
age
1057221
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
uxclCEqBiLxL4AeiRIGRzGGT1veEQnN3T/BFgA+AAlwSHRnKs5LMJS3XwXXoiXFgsabLJyLOAMI=
last-modified
Thu, 21 Dec 2023 08:15:26 GMT
server
cloudflare
etag
W/"445f9c6560ac0fc0117d54656e7319fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7olfYZNtQTmsXReHmJldyMezmXMLsRAOAP8UvskzoE2yakGr4D5FKSgTgYsoWaDsDGfkAQgrn7mux7rwZf2rVPqJJb7bWyjXMHdpsoaVMnUMbro5C9Z0bzyczN2oqTOApwkzL9Z%2Fso%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4e9f80367e-FRA
109.85cdd6cd186cb7f30f03.js
static.fundraiseup.com/ 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/109.85cdd6cd186cb7f30f03.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f9e60e6bf41a5af731690552807e6e4ca7be8994fd8804b9cf15592d3ef5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7K100Q83J3ZPGR0B
age
970861
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IimgcFOBRlZRjWVYgq50ivWwdYXuRs8OCFJLhhZgWZP/NblJWfz2FfO/JZARKIuGM934kUrLOVc=
last-modified
Fri, 22 Dec 2023 08:14:13 GMT
server
cloudflare
etag
W/"85e49c2822c4eaabf5554ff2a96c10c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qE%2B0vJ%2FI%2BdUPwd%2FHwfEHsSD37PfclI1gGyOpYdjwget7K6yCUM0lqvKy%2B8eNXj0ATIPhHjYVg9YvZQT8Yhumy%2BaEvdVf%2FW%2FbYqpoYNpLslg3atkOwye1S%2BhYd9z8GXI3E9bfHdCCmm8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4e9f83367e-FRA
4022.1aa6f4635e0102fe80c7.js
static.fundraiseup.com/ 		170 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4022.1aa6f4635e0102fe80c7.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f92dcc7494187b5787cabe4834de25f4502ff2aa4228956b919785118df04d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4BHD0GWBTFKFZDMP
age
18542
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
MUEN7TrTDg5Yhpc67N+CgjeuAlgVPYLw0wgYrzd0R2upoBBQmLqqnZDQZD+pnM/8Wpp/2LMWEQI=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"3ff165845b9f2369bd1e145b654836f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSup8Fpm2yl1GbAISZwEZi0ctSKuoDBcP46PKYF9jcyF4g51A%2BW83LWaXYYLKSOfxt%2Bl6cxU0gFJu%2FFNXTsdV904xT2xBCzg8Vi0YwRqcdPJp4l7gTZhslsuY7r2Pj7GJjhjCV%2FHTbs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4e9f84367e-FRA
bounce
secure.adnxs.com/ Frame 9BA2
Redirect Chain
  • https://secure.adnxs.com/px?id=1282070&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
an-x-request-uuid
69768930-1010-4245-91d8-55e22f386b7b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
an-x-request-uuid
36504270-1bc8-4081-bb65-8ad0cbfb9ad7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 9BA2
Redirect Chain
  • https://ib.adnxs.com/seg?add=22494154
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
an-x-request-uuid
79ef9ab4-74d5-4ef9-8908-e793a0ad75da
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.76; 45.141.152.76; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
an-x-request-uuid
4808d15b-c2f1-42c6-b338-e8ba205fad7f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
x-proxy-origin
45.141.152.76; 45.141.152.76; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
events.js
tags.srv.stackadapt.com/ Frame 6BBF 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ee7c8ba95049e9595ee4c402407497e1adc2f7aab23a12867bec80b97757bb4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:13:27 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
bat.js
bat.bing.com/ Frame 6BBF 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:13:27 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FBC26B56EC044200B07E550F5A01E182 Ref B: FRAEDGE1909 Ref C: 2024-01-02T14:13:27Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
quant.js
secure.quantserve.com/ Frame 6BBF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:13:27 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 6BBF 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:13:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
G5ljjCe9jOZbCZePkmklKRfZOaOVZWso+89BI/Zew3lPP9F1pQM1MVgng3E8o+rjKPX2Z6ny9Muhl8KnATf3YQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 9BA2 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=75618
accept-ranges
bytes
content-length
15541
bat.js
bat.bing.com/ Frame 9BA2 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:13:27 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BCFEA2FB4137484D83F8BEF67533DAA3 Ref B: FRAEDGE1909 Ref C: 2024-01-02T14:13:27Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
quant.js
secure.quantserve.com/ Frame 9BA2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:13:27 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 63FF 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2537
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:31:10 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-amz-cf-id
8ra45c7nN9eZkIiKFp99KqcLaA-z6LK3nH047KKm8EBNX0RYnTD5ug==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame BCCD 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2537
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:31:10 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-amz-cf-id
1TfRpYUaU_Zb_ScEjDL9v9tKAYt8gQg9YEYAhz1LBMUIXFXNu6klGw==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-a8db3be7204dff5e963b6f0fd5121b28.html
js.stripe.com/v3/ Frame 4BA8 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
50
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:38 GMT
etag
"a8db3be7204dff5e963b6f0fd5121b28"
last-modified
Fri, 22 Dec 2023 21:08:02 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-amz-cf-id
IJUKX9Owq1YBT5Q-bSz1B-6MIhzJDvYXgnYbW6GxzlNpEwz3rgEPDQ==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-a8db3be7204dff5e963b6f0fd5121b28.html
js.stripe.com/v3/ Frame 8AFC 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
50
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:38 GMT
etag
"a8db3be7204dff5e963b6f0fd5121b28"
last-modified
Fri, 22 Dec 2023 21:08:02 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-amz-cf-id
_583RySyVgDKHZ-N9mIEtPg4tN_3uGlw_PNBimvvQSIlR2ACKmRj0A==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 63FF 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:26 GMT
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2536
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
n6O2wSR2uBwnFH8RWICPEe7sV0b4rOcTTyuXAuk59aaQ8ttSdVVVmQ==
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame BCCD 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:26 GMT
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2536
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
tFDYXuw_yKGSEm9tVtgmxHJ1Q85ISVpeYWwaPUBoO-m496u9rA3Sww==
csp-report
q.stripe.com/ Frame 63FF 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808173265
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808172541
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 63FF 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808173262
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808172553
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
812396462484872
connect.facebook.net/signals/config/ Frame 6BBF 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/812396462484872?v=2.9.138&r=stable&domain=8832015.fls.doubleclick.net
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:13:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
bYsFjbU2w+fJgRfHeTXVft3rj0RO2cW10ohl3fIutwKbxDK6jyd+ghnIlZ9bFsMQy6NVcfrJwQFNuYKY1ws9JQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
csp-report
q.stripe.com/ Frame BCCD 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808175882
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808175583
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame BCCD 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808172873
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808172524
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame 6BBF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:6e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
2419
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
VWesm9ma3fP2r8yhBaWFFmTPS1QDVqxp3bdIFSg3ic0jykcnxBrSsA==
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=0818332391962749&referrer=http%3A%2F%2Fgo.marchofdimes.org%2F&cht=ot&marketerId=00cffee659fe578dc2dfc7fa0fb839455e&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:13:27 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
e8c24fff685a7343cc16da9218b7825b
Content-Length
54
Content-Type
image/gif;
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=04257855328455964&referrer=http%3A%2F%2Fgo.marchofdimes.org%2F&marketerId=00cffee659fe578dc2dfc7fa0fb839455e&name=Add%20to%20cart&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:13:27 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
ea9f369cbd4822004f2660a3d75b2aad
Content-Length
54
Content-Type
image/gif;
cachedClickId
tr.outbrain.com/ 		35 B
220 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00cffee659fe578dc2dfc7fa0fb839455e,00cffee659fe578dc2dfc7fa0fb839455e
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
br
X-TraceId
acf95243b2f13a48ea72230ea78e96f4
Content-Length
39
Content-Type
application/javascript
00cffee659fe578dc2dfc7fa0fb839455e
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00cffee659fe578dc2dfc7fa0fb839455e
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:13:27 GMT
Content-Encoding
gzip
ob-sent-time
1704158459218
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=60
X-CC
DE
Connection
keep-alive
X-TraceId
57b83294c6ee72d141c3c6b514b67f82
Content-Length
22
Expires
Tue, 02 Jan 2024 14:14:27 GMT
25042596.js
bat.bing.com/p/action/ Frame 6BBF 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:13:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 45B31B51004446E282E06944DABEC433 Ref B: FRAEDGE1909 Ref C: 2024-01-02T14:13:27Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 6BBF 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=a857308b-8afc-4821-8edc-ea5e74314ef8&sid=194ae360a97911ee8f5d9d3dd72d6bf0&vid=194ad720a97911eea0381f394a2c2bf3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fadservice.google.com%2F&r=&lt=155&evt=pageLoad&ifm=1&sv=1&rn=788736
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:13:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 28B0BE1D98674FB6A1C73E84E014478B Ref B: FRAEDGE1909 Ref C: 2024-01-02T14:13:27Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/ Frame 9BA2
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204807555&url=https%3A%2F%2Fadservice.google.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2179642%26time%3D1704204807555%26url%3Dhttps%253A%252F%252Fadservice.google.com%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204807555&url=https%3A%2F%2Fadservice.google.com%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204807555&url=https%3A%2F%2Fadservice.google.com%2F&liSync=true&e_ipv6=AQJTiOifKOpPYQAAAYzKha9SuZcHasn7jsZ7pejgzQHpUDNHc2Q31hH8M...
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204807555&url=https%3A%2F%2Fadservice.google.com%2F&liSync=true&e_ipv6=AQJTiOifKOpPYQAAAYzKha9SuZcHasn7jsZ7pejgzQHpUDNHc2Q31hH8MpHoCgkFthxqcdUDLGjGY6BODCkfOpUPtjQpDA
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 84597131985D4E54B208B5DFE5B841F4 Ref B: FRAEDGE1917 Ref C: 2024-01-02T14:13:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9xo3lisfHZeYcZpBbg==

Redirect headers

date
Tue, 02 Jan 2024 14:13:27 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 0E2B4E6F67AC4B099AD6185C74276C6D Ref B: FRAEDGE1218 Ref C: 2024-01-02T14:13:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204807555&url=https%3A%2F%2Fadservice.google.com%2F&liSync=true&e_ipv6=AQJTiOifKOpPYQAAAYzKha9SuZcHasn7jsZ7pejgzQHpUDNHc2Q31hH8MpHoCgkFthxqcdUDLGjGY6BODCkfOpUPtjQpDA
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9xo0wa65DcszeAp0ag==
5001207910501370771
api.fundraiseup.com/paymentSession/ 		578 B
919 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/paymentSession/5001207910501370771
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76314e37179518eec515a6aaf17127f38b223a4a7b1ec0acd29c84e8dd566efd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-security-policy
frame-ancestors 'self' fundraiseup.com
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
x-response-time
178ms
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64URRtriymBka9WT9e5BMQ8CKw93yiujbcmXZ7nFnptX%2BG6sHfMvn1zgb42NQQrNaLiFNaHWZmiVmzmo92P3%2FtBb%2FO9LrZ5hzDLBuit26UqPOuSr%2B9h5J9WUW0WA0iv6EVPJnCg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83f39a4f584f367e-FRA
expires
0
5021.69a8a47ee2972d7403b1.js
static.fundraiseup.com/ 		253 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/5021.69a8a47ee2972d7403b1.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6432a66c7d8240059ca76b571620dd0f54b4d3a5dc05fccf8cff7c8304bc9493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KHN27Z1109N5TZ0X
age
283107
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yoDNNROVaeK+KyQahsxI40Riep/BjDLQzjz7WDpSbAXM4VmbvVP9a/xQAmys51+y6Gle++dqJUs=
last-modified
Wed, 29 Nov 2023 14:59:27 GMT
server
cloudflare
etag
W/"d4f127ab7620fb2bfb2e93a462d59163"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeSN73MmirZE7O7h3%2Bj4wnbZt4gDsMlnGLsCLv7MSirpXaj6WPiIyi6J6YGKWj%2BDYoEEsCD5rGf5uj2w5x3pUfcMN527lb7sdGxWNUy7uA1AF%2BUU4YvbZ2CpjMzIe0kuvdTjhRNdT%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4f5851367e-FRA
4365.3c47b14cec912f3f2597.js
static.fundraiseup.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4365.3c47b14cec912f3f2597.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69c942423058ca7c0d54a661d67cded9d06b9f030dd45e434bcc72cd150e7e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H1Z3T3JBNE8ZPW7C
age
1315613
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pyeKPQzxOXGzJ/l2A21cBmmPl85Sohcl2NzKHZUZp3z8/ohsdRhjncYNeZ+zQdNpQVi5vcXEi9g=
last-modified
Mon, 18 Dec 2023 08:17:57 GMT
server
cloudflare
etag
W/"e235a91c7b1026c12729b0ccc59690b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8lNNJtFZqa5CDvDSt%2BvCk8SvHcwv8X4bK4kVH6HNVsmZvucluNQqQhucju5ivl7bIcZXZriEfeB6bNHGaermKcFUP1dY7GABdVYWQUmQNqsHbSWkCeMaxotfgZKWt9m%2FBTEyFiYVTI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4f5852367e-FRA
9722.efb7c58e3e474cbf152b.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9722.efb7c58e3e474cbf152b.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55934d27fdb4a14ddc59cac40e940a9c8100acc76c156e9be5f3b9c0dff6569f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Q3RMZ5S1Y2VMDHPM
age
361877
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
UGf0FeYHr6RCLHS2+PeNIoXGd86kqYTOChj6p9sX5cMmeqMgE77S4bNUNDya1uHCXpeKQpl6SJg=
last-modified
Fri, 29 Dec 2023 09:23:31 GMT
server
cloudflare
etag
W/"ee5cbbfe6c1f87870f508d95c1085e92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mY4XgfLm9r2g%2BNR2kp9Z%2F2hGlrQ2w3QYPMH%2FKcJv%2B4YA0%2F6OrDzuT6%2FIFpZb%2B7sb9wMJY7qKLMorOIY7qD2z2sPaD1JSXVLKK%2BRX23z9UN5vGdHyqktSaBGA6d3tsrp%2FpAeImoQCR4c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4f685b367e-FRA
6267.5aa879fe84868b48faf9.js
static.fundraiseup.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/6267.5aa879fe84868b48faf9.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2e62deea90ad8ea208037abde538d6100d5a3efce136c89e64a80c1b1c6b07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
N4W91XF6R40ZV97H
age
970860
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
na7dnXt1csz1FVSwoTIPfz3r3mioeC7v/E+Ru7bQNLEpfp5SAVw8HI5oRrMe4ZVdvgeuDkC/4CI=
last-modified
Fri, 22 Dec 2023 08:14:28 GMT
server
cloudflare
etag
W/"fd37e6df21da71bc4f7e20d1d5c66776"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3YKP1%2BNrp2bMHLxvlBv9WCx%2BrxUpLWviMrGlYLHMH22VeNePYpc8%2FkkohmDJ4mKCQkkUdAwqBGEn%2FHUlRGH1vwrqRuE1whH650si6ZqCFF07upPpoyUTL5ngJ6GpOglU8K19wXja80%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4f685c367e-FRA
1546.acd6010561bea827780c.js
static.fundraiseup.com/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1546.acd6010561bea827780c.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4660c763169716a38ee1153d2cc4eca87ca421195d67bd89ea964b10bfbacac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZMV4AT09ZX8QYC
age
18542
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2k/vmYZ7r+GXxGrB/Gd+EMkq1+sNnpjZJ0Zk4y1SJ81dId7d9BFo1da2APLfy+yJD9ZmWQSwpYM=
last-modified
Tue, 02 Jan 2024 08:46:51 GMT
server
cloudflare
etag
W/"61b4f037d3e70607ce2de6911ed45e37"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qsrK0Z2ZdTQlXdAvXBwQuV9vDnNRuECMaA1xcVScUFyIWJ0LUmnTst0eI%2BeFyGAGd%2B%2F4yVCBokBa24kpMEEX1Uf09HXoob17JWUbpIEEwxwpce8kQcIDDMURiXC7NowJ%2BYI7ymOTjs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4f685d367e-FRA
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 4BA8 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:31 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2121
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
HL-gyigzDc-sP0jo8DsQVbG-YiEYW0kBk-ckNo83aoDkUvt8wORt0g==
controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
js.stripe.com/v3/fingerprinted/js/ Frame 4BA8 		688 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:42:03 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1890
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"5ce54273e9cefa73649bdfcbf46e58d4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
7JvLwi5CffmBqv0Bpf6n3bNq2ju0YPrZuVC9E4ouSlXA1CJOZ45IAQ==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 8AFC 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:31 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2121
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
WYIvWbqB9Avs2vWdoXir6JQnu_Sm2L4iUk1ukIAvJK4S_YIPnR3Tcg==
controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
js.stripe.com/v3/fingerprinted/js/ Frame 8AFC 		688 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:42:03 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1890
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"5ce54273e9cefa73649bdfcbf46e58d4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
jrCZRG-gAsErXt0RdiN6HXnRpCp8nk0rXKLr7oHrt9FqAUcV8XUmBw==
syncframe
gum.criteo.com/ Frame 8BC7 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=81237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:26 GMT
server
Kestrel
server-processing-duration-in-ticks
427656
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
js
www.paypal.com/sdk/ Frame 9AD9 		293 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2972ea87cd5c4adceba0baf8d735c0dae6512fd7bb276586f5ef9b707b2cde92
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Tue, 02 Jan 2024 14:13:27 GMT
age
120
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f3766499c2a02
server-timing
"traceparent;desc="00-0000000000000000000f3766499c2a02-44d7377aebae13af-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
79959
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230056-FRA, cache-fra-eddf8230056-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f3766499c2a02-e9ceeb38f897edc7-01
x-timer
S1704204808.638970,VS0,VE22
etag
W/"13857-AG4O1rLG9TW0jCSwL9/a1psyNB4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
25042596.js
bat.bing.com/p/action/ Frame 9BA2 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:13:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C9F6BF98C4F54E888F34CB69FB3F40E2 Ref B: FRAEDGE1909 Ref C: 2024-01-02T14:13:27Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 9BA2 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=0d11705d-9792-4d70-8898-7d13bd7bf052&sid=194ae360a97911ee8f5d9d3dd72d6bf0&vid=194ad720a97911eea0381f394a2c2bf3&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fadservice.google.com%2F&r=&lt=196&evt=pageLoad&ifm=1&sv=1&rn=62636
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:13:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BA50BB058A3B43D59EF49C6A9A634655 Ref B: FRAEDGE1909 Ref C: 2024-01-02T14:13:27Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame 9BA2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:6e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
2419
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
WVxzV9OdbAjDmpYw4JgAJtQh1GhGfVyUOpbYl_oEpDmgFwugIIntrQ==
csp-report
q.stripe.com/ Frame 4BA8 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808173069
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808172567
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 8AFC 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808176025
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808175580
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 8DB4 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:7a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:13:24 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
x-amz-cf-id
GuA-oKF4YIOPMic3XzLCdPZBBC9XnjYxNPZVCS1MjdeYWo_r8cxsUQ==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
inner.html
m.stripe.network/ Frame 59E9 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:7a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:13:24 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
x-amz-cf-id
Y8aZVSxX2tum2Qop-UQF6tyfCyVKmLl7xgazoXtsdzjyZR7sC589FA==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
act
analytics.tiktok.com/api/v2/pixel/ 		0
842 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.209.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-49.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
5f08278.2b69eafc
date
Tue, 02 Jan 2024 14:13:27 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240102141327EBC04B90A1272E445C1B-52F46C3BD41BE18F-00
x-cache
TCP_MISS from a23-62-213-113.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
267,23.62.213.113
server-timing
cdn-cache; desc=MISS, edge; dur=217, origin; dur=60, inner; dur=37
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240102141327EBC04B90A1272E445C1B
x-cache-remote
TCP_MISS from a23-48-100-13.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
60,23.48.100.13
x-tt-trace-host
01ef509897cf8d658a0ad904f93095073bdb80c9f3d2b778b4137dfcbe4813d8a5be0e1fe6d19be3e4ae25adaa587ac584bb3aec99b31772018570da2bea97713a811ebceabdafe845fe8a657d7b4f49ac19566a5a088c7a95269a8f04bf409971d3366a719125fa46ff1e144da771183b
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:13:27 GMT
pixel;r=309521873;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCI3YmNHxvoMDFbbXOwIdrcQLKQ%3Bsrc%3D8832015%3Btype%3...
pixel.quantserve.com/ Frame 6BBF 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=309521873;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCI3YmNHxvoMDFbbXOwIdrcQLKQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D8514793536088%3Bauiddc%3D1938801499.1704204807%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w;ref=https%3A%2F%2Fadservice.google.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-249180127-1704204807547;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204807596;tzo=-60;ogl=;ses=33ff9628-d17f-410b-b749-1b13837caf6a;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sa.css
tags.srv.stackadapt.com/ Frame 6BBF 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a7b2ea1567418dfa760e5cde30e2a0e56bcf4f17c53e29b458b8eca41fbd9e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:13:27 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ Frame 6BBF 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:13:27 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafv...
8832015.fls.doubleclick.net/ Frame F31D
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;ua...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
66c945af4f5b5e6ef68d380bae05a25808d447ae9a4f0bf3ed83b20d12752ffd
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1765
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:27 GMT
expires
Tue, 02 Jan 2024 14:13:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724&_p=1704204806879&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=110285396.1704204807&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704204807&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=scroll&epn.percent_scrolled=90&_et=18&tfd=2158
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tb
fndrsp.net/ 		2 B
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=757XubYDPvkGQDFbQMXz%2Boq94BWNroVFDvcQQonXD7Eg05IXhbgRKMbiHxAOFDo7JQj7eKdaP%2FyV6otmJKlT5si6a72qniE1UOmBVw6E8gJRZUZ1DHid89DkJ8zm"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39a501de65800-IAD
alt-svc
h3=":443"; ma=86400
tb
fndrsp-checkout.net/ 		2 B
498 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8HCf7o5R8TU47ApmoMBY3Xixn0g4PYnivDL5eHcAApzUShuYKtPI6Gu20Qi8QooBvXusn%2FQfKBgC7Y6%2FPQnY8f1kboVmids0k9teOJpaQXOM3Wm7PiKSpaYCZtAKSd0%2F%2FOttWvL"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39a503a00f130-CDG
alt-svc
h3=":443"; ma=86400
2612.328ca5ce35bb1bd7dfef.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2612.328ca5ce35bb1bd7dfef.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
337738b644c1b01e37308c9026995b63c20387f9bc8f219cb99f72eb3b23f35c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MZAJQ3WKR2Z77536
age
970860
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
gvmqfF7nktcOU6OXoeHtRc2Txo8MRoq3Hvz3vuO2ppclLiSrR+di2u8cGTZxHlS94Dk9lrbyP8U=
last-modified
Fri, 22 Dec 2023 08:14:19 GMT
server
cloudflare
etag
W/"72585859f7005322a24f55039d6502e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fY7Bkhh77rIALhp3A9B0V85EOI0Sk6j4dvyy9nYBxb6IjW%2FQeqc7pP0ny7XXOvW5r5aCUlSK28JAyIKF1GkVkAolEgNfZ7sty6VF0mgQ67kNOreg6styhjUk44l8%2BejmSF0LgOce5q4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4fe8f4367e-FRA
9317.8347c21dba66a3c8e00f.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9317.8347c21dba66a3c8e00f.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23098142daf44c1cb7d244684146fb6ecb0568274118ae3f62cef67034551ef2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5AN0P5WV2DJPMTPA
age
445945
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6oVt341UDBypRNFueOB2LyfUROi0/Bdw7gBNjFz5mu1QcaoQz8YG0BUHo0lH8PyJ8hJ7aBksCjA=
last-modified
Thu, 28 Dec 2023 09:56:39 GMT
server
cloudflare
etag
W/"cb3cf711444477b5098e7015fbbf15ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOPiKmzYmzkQ42j8RDF4%2BRxerPOfw31kSoRfD2k3UdAiWADwwMBphqMdGt3E6ny4lD46uaGrpR2fAmr1d0awVUCN9CJERqvRvBpL9tkn192m3p%2BIMze5yiSBDEKwsrg7OYg4nq2rseg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4fe8f5367e-FRA
3881.cbc277ee4db5221fc545.js
static.fundraiseup.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3881.cbc277ee4db5221fc545.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8cd06506717ca4b233b2fd62746d5a39c9230b4ea3c4bb56206edf928ed8d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
880PGD6549C94DW8
age
18542
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pSEoew635YflmBVqBaK6olJhMbYcixootbJjLqRt8nnajJ05UKekU5PT4TLJpw/dTssheuRb0KY=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"d3787c003b65e006808cbd3b22d515d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZt4A4etdWQgXMu2YXWSP26%2B137gEJwy6wHLYMB2N6c8ORnWbkq7%2FiYh9yUOUJccIgUthlzXIihecrCLDftWONpv%2FcZlwheAzPcMbiIFx4zvGyNaMLTDIwKRS3jcv7xUoFz4F7Fa9ZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4fe8f7367e-FRA
8443.30652bd12c39ddd0d48e.js
static.fundraiseup.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8443.30652bd12c39ddd0d48e.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e7f6cd883b421b03d88891e93891fc89bd7e4cde0266009f72250f0092302aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZVXJ9V8PMAVE17
age
18542
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
vRs2QIAMdn8GjVIqigaHemOaVZAcZKMYZ6K2KU02G46/hsB8TJ3hHylBv7uDBRPFJOw5NfdTDc0=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"188752fb24105ced13abb937e1252dd7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtUal1mvV6GRZWXOYbtsEr0jO9BV%2BKrwsaVo9OSWnKqdmNthwXcehJfpevCkegugcRpaXGvH8W2IxyA%2FCHnePS9Da6BkzzKuklaFC1nZpLMThUNhgYUkVC%2F2%2FWn3qPfNEP2jvWwh%2BlU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4fe8f9367e-FRA
/
ucarecdn.com/16dee98c-4cc2-442e-a7a3-f895f7d22227/-/resize/470x/-/format/auto/ Frame 9AD9 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ucarecdn.com/16dee98c-4cc2-442e-a7a3-f895f7d22227/-/resize/470x/-/format/auto/
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
9516e1c23610840cf3f86fc18968a997a2af08e5f42e0093013f0836285d30bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
x-image-width
470
server
Uploadcare
etag
"997f30d9a41e015338e681fdb6747621"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556762
content-disposition
inline
x-image-height
263
content-length
11427
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame 9AD9 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QV6ZDN9ZE9B27XAQ
age
679702
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56996
x-amz-id-2
m6GUjrh0H2iAktFvpb0L/mpjbZFX+kWDxI9bEav1Xyo64YXxt9GJXGFAKCrTKd62O29l3pK0T5Y=
last-modified
Wed, 06 Dec 2023 09:28:27 GMT
server
cloudflare
etag
"643ad5d92cd7c31076790077c3003abc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prLOawIjsd7i2qqrsOX55LaI9HHF9p0ZzXB7v5tgihXiKxctNxB39Dr0pIDmN7mkyfRjZDA7SOYZDOQo0EeNDbp1sT1gk4aGgWmmc%2FKokGoB%2ByRS9iR5vVd4oF%2FJ7A8dMzphFaC4Pkk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39a4ffe5fbbc2-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame 9AD9 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6EYJBPJ2VNBHCM6D
age
219956
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
53064
x-amz-id-2
6PBJe28QnhL5geaXNKPhdZapO53++6Ud6mmFkwr0OgUFLSqmz39BXbavQIQVMv78t0NkRUUdU3M=
last-modified
Wed, 20 Dec 2023 14:31:09 GMT
server
cloudflare
etag
"c9e466876957e9d2128f63b225a81ae3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyn%2Bp1EketQEZgGn8%2BlSjDWOQrPjV7%2F6h5ihYXDuh%2FSI7VTTSdwSs%2F%2BLSRHODanaiL5Q8ZBqWVIspPVituGtqVofo9EixOliqHRZJmH9DwPajOE3CugVt9XHr1sBcYc57OMYbVEkYd8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39a4ffe60bbc2-FRA
4308.267ae83b72a737d61bc8.js
static.fundraiseup.com/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4308.267ae83b72a737d61bc8.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e7a944adcb9d32eaf4e2f6e85cb7d1f9029b74de22ad7ff2d46ef82b189c95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZYH264852YZ9DK
age
18542
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nDC7Cq7Mr+Zn04oXI1y/tAEx8sD8Yww18TArSyzm3zUwxgGOIA6cCL+QXOuq7Duk2Gx632eydrY=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"d17d932280bf77e59d50820c420d7365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zc9eYyB06GYnP3INt9vrJ0HdNClfItQiFGe1fARw9nIbW96zp8gutT%2BglUoVWEFQJdOw8G4iLCUqqlVkbTCcWdrm6TTOmgdbhYFYZqwC5GMJ57b7eIGX2Na%2B7UzQtVaY9ZwVJqubRoY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff901367e-FRA
4798.a2fa7f6bbb792b2fa1f0.js
static.fundraiseup.com/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4798.a2fa7f6bbb792b2fa1f0.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9d8e18a3cec3afcf01338e9a26209eeb89e3d0eaf97f0d5298f039776ffc8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MZASJ5MFEC1B4QF2
age
970860
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oA4UpXqkbqI+Z6SmMLgS0rjqIdxTr07ojyzVDJKetuDyqQQB1XfCUpwv05Yhf//jZtEp+jQy0mg=
last-modified
Fri, 22 Dec 2023 08:14:26 GMT
server
cloudflare
etag
W/"813c3e21463a5fb18a4652af2d6e3a0d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVyVVinHzIKAaKpZ%2BWplxEkmLApHXqeXksG05mXUKdrA3uvi%2B4d3RiaxCQ3hC9ZYNsEQaCzKFra4gIA1dxqTfHmQv2PiuPOK86C%2BBA%2FJSok9vRiQCaYAjlSDShwVogVpvC8dFKZ1UKY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff902367e-FRA
7470.5c849ae41dfa76a30134.js
static.fundraiseup.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7470.5c849ae41dfa76a30134.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb48d9e8351750646223a61d5868a0eda7972e2ea278c69677577300810b0ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZHKH536A56RACS
age
18529
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oVoYp7SmPXx90DPTTKcYLd94o44lpFLshTCQZDuZ/jTATOpxTcuFK2dX6chKyxdG+uH4/WmRY8M=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"8116b094c9ac56f0fa0e152d4e72373b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tl30iDrxhmqAz4vFhpZJiY8TUZPydoM%2FdNi74wr4Tb0lbuz0fkMJvYoL0exKoJjkyiPwXJ2%2B13IcxgAEkx2J9bBEDFTs8lTEZfM6GSGYpP03XhAVPLRQUCo%2F7rQDtnV%2BF8TDaiuzL2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff904367e-FRA
7161.70dda01ad3bd7b1f43f4.js
static.fundraiseup.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7161.70dda01ad3bd7b1f43f4.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b1dccb5a273ea2fadd2437f76d7e4b897e7c5f461f52c0b72cc7e74db13cca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZPNEXWEAW1T5ME
age
18439
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GLR7ICRlZN1+EuR7oBwdrUOAjrpGxxduf6dcDu2X9pYQVuOipRR2wk8gzhPwJseQco1/FzIc450=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"6a9110bcfcb930b2a0f06f9f8de67d69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUSuyKPV1cjcjMHPRuK%2F6rnH1k0Vv2Z2Bzec%2BZ%2BtXcQf%2BoP754%2FwVR%2Brl9K9mN1Jta5CacyQ%2B59G9F9b6U4yuQp6KOMMdlbJAWHI8WxmpS%2F9kyMF760mZUTghQPBxmCmJra4ETZJ2vk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff905367e-FRA
4172.550614b50a20ec5505f8.js
static.fundraiseup.com/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4172.550614b50a20ec5505f8.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67babd89dd5d6e783cbe7ba05cb7d77c2c3ab7bb0b3ba87b185b391a21e8cc35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CE77QSKEBPBFQRP7
age
1940949
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Kg+Eo16+QoH8So4HU2RkmZamhyEVrK5wSRKI95zC6g0w0S4fFHtZznP/31prxfIlrxO1DwplhDk=
last-modified
Fri, 08 Sep 2023 11:49:58 GMT
server
cloudflare
etag
W/"82362aa73fa0a4d64a1c55b1d259397a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UH9Q%2FIUAemqqE%2Fv8tb81arZ6mL7LBCS9lgemcPDeSFu3LDa0j%2B1eq9Yv3ELsCrZox6ion5mTai4HriL4OWUU2NBW2lyDB%2Bst6ue1AUypYpbqsO5xycZ%2BXq116JVHKW03zFZvaMc0mDc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff908367e-FRA
7912.0af9043c4cad1d41b53d.js
static.fundraiseup.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7912.0af9043c4cad1d41b53d.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25c3a3c0aecc1c3cdb989b17c48a9a75970beb6343e0df0c2651ba5eb75c900a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H1ZF889G6WQ2F5TR
age
1316139
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9gUuMN3cEPhciPDfPGDBXc0XST5/Eyymz5kErZZN17xeJmYtiRxOBLVbk3eATOnPah/fjnQwdXY=
last-modified
Mon, 18 Dec 2023 08:18:02 GMT
server
cloudflare
etag
W/"3aad49c653ac761d3b0dc37c051585c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qHfgQ%2BrliSNGhmA5%2BE4BnsFWofdHXJUBaIy8m59i8t2RDL3AgGzcnBMgo23VnL1SXqJ9JVfsXlD16358CHasmRag4rVT8lBdu60K5A4rBOabn4V9yZoAGPY2vdPGcaMURqqCOQDDwY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff90a367e-FRA
2604.70a67a9325a0b895a893.js
static.fundraiseup.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2604.70a67a9325a0b895a893.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7e24515a6e8e17332b556ae1a433f0b6e00cdaea90167be98c2734b0049a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YNCNBSNKYAZDKDQJ
age
18439
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
u4VwLpIHjQnTNnS7BOaFTguRLwpjhW9+fCvDyugXG8SYJQz/PvGU204l/4vksSr+eU81GppgdxI=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"52a2cc1ece90544227187f23af6c444d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFRzG7tfbiyrYi2AFZ2XKw6Kl%2FqOOISLrl%2B4vCydjcUR%2BTp0XOy1wfnu%2BNfjCQvEast0tBlYjzrxvY6U9wG1OfM%2F%2FsMJm%2BNniGAQ%2FbshiDldBEBajKkhRLIKArgK7h3U4RLb6h3DR98%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff90b367e-FRA
8242.b02aaf21dfdea45ccdeb.js
static.fundraiseup.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8242.b02aaf21dfdea45ccdeb.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f7997ff37aac676d939dbdb0d33f6381fc5b66de4e4c79240e6e9503b14c15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HYBH0AE9WPN4MEZV
age
970860
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wF5+7h/87SrEbp2uxjF0zb8LcL2b8y3jEAXBGtxQzgF0fIoedcwomkGhqGU1nYz3PuqzJqepVgY=
last-modified
Fri, 22 Dec 2023 08:14:31 GMT
server
cloudflare
etag
W/"4b19319add63bf353f59c262e18d678c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8en%2FveXX%2F2GpZMlFbNEei4dNsBKJNGvhGNp1c6PD5%2BFVVSI3XVWu3ztSqsZBvRnx2eeI%2BOsz%2BBgKWAty82KOObSb6e%2FQV%2F9lsLDyxNkjJQUak75RobFykwoi8RlE%2FWtfAeX5qUA5DQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff90d367e-FRA
1307.079eb3e246fe1582b593.js
static.fundraiseup.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1307.079eb3e246fe1582b593.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642c3f67dbc0d646b7d2508b081e0a6040a7be94478f0cd6d2a6de21f5d11ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZKQ1PWB1M47CH7
age
18439
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
apdObnbd2aDx7v6jeChUIzpnhtdsbSI782ncRqVTlhjItLwFqP9Lk3/geXE23YLoeXo2gTzMejg=
last-modified
Tue, 02 Jan 2024 08:46:51 GMT
server
cloudflare
etag
W/"7b1aa6725ce10e652729c8ca76f3ed5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58XEU2tFVs4cAKin5SGMCIk1zDlXAmlGRMeOjNUC6tWDflUe1O27IFdx2qPAVVEivFjCMBQRmq2IqgCrd3H9r564oYuImxW%2BPNqX0HKDwpRpPEpc8z3UaaQu4l42zVjAfeKU7NsqJeU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff90e367e-FRA
5294.9d66a191975ea80fb12f.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/5294.9d66a191975ea80fb12f.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a06c60d0bdaeba9a685c6b98ec4108e8358606ae608bc2866b3873ba36e8be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZSR0ZBMBMRZTZE
age
18439
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oKSCrx62k8fu9DVddiAe+KeO1YPBzM4Xq6aLRaDZY2ndINgVhnXM9dzEAsdZkx5im+9J6QxjUao=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"8cbeb2d49dcd2a8be5a4eecf9cb7596b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyUI2XIdmYdiqdxU%2BQDJQI%2FkSCmlFojy5TVzExUqdE6VoQvVon1b1LVxTBN2TUbhbYUstvujOkO0ne%2B9OyJfw343%2BEhzLyVSJgm0bcVe%2Ffwv5h2oWIErcwfJhw%2BvilkE3uwCAGiscFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff90f367e-FRA
3074.d9147f791079b87eabcc.js
static.fundraiseup.com/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3074.d9147f791079b87eabcc.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
377a6ada8b0adaf4e37c51a736bda1e6a66e2339322ce58193e81d5909ee2fb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8TG37C2X6EWCCY
age
18439
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6bMCa6lyErEqFrJxPCzEOKfVfuJVbmStAWgTgCqGelW1NCISZF+zkQzWoxfvKImTH3IAAjWzxIA=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"147314f2adff1871b831c3e893d26e47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BR%2FYVZB%2FMpdl30KIkYFMln%2BzLKxfX0jSfC6qv%2FuJr%2F3NBpLsn6Moq9JMWAQqPPM9cIJOXm%2F4niVBRhzkwA6WuAsqdNb0InViXGq04EhkagupUz0GhOX%2Be%2FR7I47wIoqYwD4CIcrRnk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff911367e-FRA
9101.4c00b74aed875aa4a330.js
static.fundraiseup.com/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9101.4c00b74aed875aa4a330.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b65fdc6da2826c107418e5c689078ff47b54e7f2fc690546c33dbd3b343125
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8SF70XV7VFBQZG
age
18439
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kI1xlkgxSAPhlIEg7MIRY87N7q5//6f5BH/h2rLndvN0C3GaSZIBe687+vH9A228rAD0GC3g8rU=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"c13ccac03382eb3bdadeaae6fb057063"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kEwKMJCKFWag44YdyxDeUe%2BTC%2BPm7D0E%2BckSStT0Gw9mJzTr6NqbQPpEUCMEriwrEzB9eqHi25w1bXzTZEmrKnCYi2Uo99C%2F1QByh17ouB3iW8QJkgYLt6ZpEI3zSTycYfTvSZl5bU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff912367e-FRA
4531.eadbe0b8b04e9dfe84db.js
static.fundraiseup.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4531.eadbe0b8b04e9dfe84db.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b596c15fc92d124e18473ffa1d9529ea88cf1918efa33f00447fee4113a68338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
D2YYP10PZE500SWC
age
1743600
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
E9+QUIfEP+IrmYuls+++N+MpCX1uzWUmTYeDXm3kuGHVRVChK4eyiU/PrcJpJQS47s3Q5zYXbwM=
last-modified
Wed, 13 Dec 2023 09:34:50 GMT
server
cloudflare
etag
W/"2f5a99aa534d43a5d5741f02d107888c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeOZtzAp8oj00LTRxxrqo0hs8MKmWRMCKpXOOu2jjmxDqp7bvojX0wgokmXzx72goP4C9ThOzzFym1nIJIg8H0P80BjsZjphL523%2BJ5WesXEb%2FtXKr%2BVvMQ%2FEHO6%2FlPZECrIJ8wlvpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff914367e-FRA
6658.dc2fd4177fa973c9ceb2.js
static.fundraiseup.com/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/6658.dc2fd4177fa973c9ceb2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf7bc0004aeb0dc1b7bb23f128ac24f0302a776cd1950295bc6ffae6e990bf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HWFEVNRH1GBH7S68
age
1743600
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/bItRw+zuqyEANDZ1efMkCrK+fBtIuyXFIuQVsSzjKgLvIk2ABZ68z8m+2ygl66oYpKyo4g0oh0=
last-modified
Wed, 13 Dec 2023 09:34:52 GMT
server
cloudflare
etag
W/"179e147646e0cd73902eb5b2db332b0f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vS7ObMHPTegNJsBR5E1QWkWHdpVAQWT%2F0Pj%2FjjX5040Pxt0Mlc6ZGX%2FHbeHbNe1xqCep6SI%2FmsdZcYzT6IiAaoXkNUgOTkERmBaleHgTklNiQR%2BqFdJNobFr6KtgquTGzC9INq5zv8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff916367e-FRA
3646.260d4a1075292b4adf02.js
static.fundraiseup.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3646.260d4a1075292b4adf02.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb83ac4c1a72227dd5036318370e6523f7a06d0e9f791efb6f6fe34b22621ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5AN74CW8D14TXXNW
age
445945
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
7ErrOjCACpgTTQJpsg8Tp9BsmzC4SOh0FJ2i8KWPkTJfUw4w3HaF3+xYrWSnz+zxc42gZuDe7A0=
last-modified
Thu, 28 Dec 2023 09:56:31 GMT
server
cloudflare
etag
W/"2411304c845454ffdbcb9e14e0698788"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcHgw4cMGshztzhAp%2BjRX5jrpMgD6bOm3iBEPtCdtrzM5IosvsMRltCEJD6uCLm5Kqf%2B26emjEwIPSM9tuhtA%2BrIac1ei1SYfSgb8afyqSx82u4btRQA2N5VC%2B%2B%2Bn9SkCM66%2Fe6eB3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff917367e-FRA
3105.d6e00ff8e93a442df385.js
static.fundraiseup.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3105.d6e00ff8e93a442df385.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc4700b8677a899840ce32bc6c1b5d5405e5d7f2e14a338ed95e4fe40a2bb96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZS8TCXK4EM0VR5
age
18439
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
X7y8sHgwVF2zNwDBr84dD8tctTNiBmZu2w8ST3H3EuyV8LLMJOB/8bNcq0Uw8XBDYvgGrzWMbpw=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"36ea0ba3a6b621751333520ee8fd1f70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FYxSKfvtZei8i1WEigVoWtXAHBEfNMXlG3DuEghBPoqwQAjZElmMwWw%2BTEdqWTfLkEm9nWovO4%2BbmJTgLfePddBR4xA2%2FAyqMEzBNMHTz00WQy%2BLzra9GxoX%2F2GylYUr5jDZYfKV7I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff918367e-FRA
3092.789e5f7657c128376286.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3092.789e5f7657c128376286.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50d15896eb602b52225697467a0e13195cddd10423d86ccafc7598f8a6a6111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8KP55HC4N9XTZK
age
18439
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
gb62nSkF8+A8PY8FiSvtl8X04DJ+vfX8nufElQnInQJ35tTK6JmyY/fq2X93Iuyv9wQLWRphSjU=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"d94f94636a66837a35470b946952786c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6PWsvPLHimdSyo4IP%2BSsn7a4dC7TbyBVuS7Q3dSRi1gMbJWLt7lXucjpLEKnmHDta7WE37h18BLZ5eddPvvpdi7uKoeTKdGe7lPfNmZAmbVXSz8JLnYm3K6JMazUry1h6wU8tWkojA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff919367e-FRA
9927.0b1e038f382f072de5e9.js
static.fundraiseup.com/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9927.0b1e038f382f072de5e9.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e6f18090a8c3b811e5d7d50a1cd9e83272f1ecbea95624373950070500a90d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8V821DVXWACE22
age
18439
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
NhX6gGbK4E2JQERJ1jxpTHl0HIjsPU3AWHAfgtHxUbkUAtKTEBrUI598j5Bof8POjSIyJw4D2Ec=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"3a9bfdc394ebc7d6ad30abca79e6f251"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noJS0P5tV%2BFfdVR%2B5YJXel0PHbsDLrP4pfFQFlsk%2BLP71mQOkCgABoOUz8wKxjSqRbVyGGVwUu6y7HiyltbW9YiQ6IKeFHBAIPivW%2B%2Bi4LjYhmcpahyZ%2BIAZSHY7USHxTNtupQsQZ4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff91a367e-FRA
7730.aaad688a89216a2cc75a.js
static.fundraiseup.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7730.aaad688a89216a2cc75a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276867c5c3ce0b2f35e900e8e9c73fa7dc25a53802bb365f2d20642fd253f79c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZZZF4QVQ4JVYH1
age
18439
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
bt1d8Zq3dCJRXgfkTTY0R29ev18z59CiVhv/eFVlOZsxroI6i+XI/EMc8rsQtlQRv4iVpF7NU9w=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"641661c170adba24f7e5f887e0ee88bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WV7xXlJUxvQjqFQRF0YMyV2qc0JgGBPuTTygyfGtuMVPyODlCqsWk7IyP%2BCmn34fZAZxy1Q%2Fn9DBRDuvFYexFzj1rap8UseGk6BRyW%2FrNn3dotzQejDJD7Wi4YYoAE1s2%2BHmTMjVFjg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff91b367e-FRA
8598.d58b9cdb2bccb5cd9149.js
static.fundraiseup.com/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8598.d58b9cdb2bccb5cd9149.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46de8ce43bbbc4282b65b9805f4f7c462f812ce23b615379b468beb09a989a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZNFA0GW2GF59CY
age
18528
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/NUB8dpLt9Z1mgaitjFsV1wCPuuDKoZjMssNia5vBvHn8EXAreKTi7uu4Sw5r6mgIHFmTMOdkbI=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"854d674b89e3d93f020393ce69f5a7fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojmbkDM0G42eMG2phevaZ4%2B8xAdfplBDl6z1iYnvJ4upTNL04Ev8sccl9JSf2Q1t0wjTtklLUYkFZGK94i3L7UCNrWq9mjTK%2BVA3mKTyoq7Hdbs%2FLFlobXQ663nX7wxe1HO5qddzDF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff91c367e-FRA
3313.8bb649db75fb9f932d94.js
static.fundraiseup.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3313.8bb649db75fb9f932d94.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b21363e68e52f1ba52f2f292a183e39f00372c248ecfaf0c5c1fa671ff46a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZP580FP8A5VGYS
age
18438
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SwHkrO2XE1mo2O3oRXqaHmPAISGL5w3vzWqAqYxJPFXKfzGU9dlhsyzzaYHVBcKXRni1R9LtA8Q=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"85d22b265ca08373504a09621adb500c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgRehUlAPZU69NE2v6tc1AsoUjYy0PMamenvT3WdOphfCr14DQFPUn1g82tWBGXjvrMydWz1LMS5zl%2B67fc0jJqaNLvufSfgNR0Wsb%2F4ZT9O9dVYTC%2BMLFAnaKJ7MFsHWdXlcnFeiiU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff91d367e-FRA
617.b191c125d86fae215d94.js
static.fundraiseup.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/617.b191c125d86fae215d94.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3a41aaf9de8dcdbb1aa7c552942868390ff131f4ae48acd79df9d5a7ff996f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
GDXVS6AZSMBX1RMF
age
1654517
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8IYmc517lx+JwZOVQGVN0I2hjPfFaUX7gjoFpzbEoWrPhil7qHMMb4lzyfna/00D92E+o8EFUgM=
last-modified
Thu, 14 Dec 2023 10:21:52 GMT
server
cloudflare
etag
W/"9d235534a9b590256d5f9f919849f1c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTbyUMKz6XyeC9ItryUwynOgCCYcWbh8mzAZG7uAI%2Fj40%2FDp9iGMbIyFVjlRpDJI2jXXOCFCsd99WZbLFn0eBecDkyZSpDcNWFKZOeVGjY8tdOBSuI3VAdRk6gbxGWBFK6EJJYkBO54%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff91e367e-FRA
3755.885174add6f9f35ea1cc.js
static.fundraiseup.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3755.885174add6f9f35ea1cc.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32c2ce3fc3f9f303fb23219d570a67d0c55951c3f6c81b25e440ba6fb68e60d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZVMRG6TSSH1ARQ
age
18438
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ns4UfLOn762abyqPk/JISKBL7pRsAUs7wu4bnOHhOo9hC2JHVjDeRtVh7rTo9UrtgJm5l7ThkCk=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"6332e5261fb5e132c86e8e991694cf7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3b%2F088WZM5kcYDGNg4Pd%2FX38e5e9PMGPcvjpI7Y%2Fh5N5UfvdEQGkfxpvfxEXTLbSOyE94Ex5qzKPHFqZ%2FMtR2JZz%2FwlU49WGFiCR8w2t3DnExVIKbw3Lv1bGRyznNva%2Bfg6IQWcN318%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39a4ff920367e-FRA
/
ucarecdn.com/36e1897c-937c-4cc1-9c7d-220d75cd62d0/-/resize/x50/-/format/auto/ Frame 9AD9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ucarecdn.com/36e1897c-937c-4cc1-9c7d-220d75cd62d0/-/resize/x50/-/format/auto/
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
47a019a4a25f09f59e801a8b3d77f63a3a975a4c763f8430defa7987e14d7d64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
x-image-width
50
server
Uploadcare
etag
"5f0f074f24722ebb2e429bbb349da7d7"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31495056
content-disposition
inline
x-image-height
50
content-length
1937
.deploy_status_henson.json
js.stripe.com/v3/ Frame 4BA8 		474 B
867 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:49 GMT
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
42
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
4fgEw74HLACnQjwbkkpqzJGnvjW0GYI46xhQBOLQtYx0a5xkbhttGw==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 4BA8 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:49 GMT
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
42
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
w16C3gJUH8db1smz0lBIFr1zUI-i0ynSTycAVr3fyoPI9liTGyC3lg==
sid
mug.criteo.com/ Frame 8BC7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.marchofdimes.org&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=j4GtinxrQjVtZU5icGluK0dHU2ViRTdaMTBCTGdET3BRcmcvS2dxTHJIbVNvR0h4MEU0aFBoVUNWWXVkbVFoaGxES3FvSHdLRzJjVnl5YVoydWs4TTI2b20va0g4Z3VvTmNFV1BNMFpmeFpSSXh5WXFIRXMyWWFPemNack...
460 B
689 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=j4GtinxrQjVtZU5icGluK0dHU2ViRTdaMTBCTGdET3BRcmcvS2dxTHJIbVNvR0h4MEU0aFBoVUNWWXVkbVFoaGxES3FvSHdLRzJjVnl5YVoydWs4TTI2b20va0g4Z3VvTmNFV1BNMFpmeFpSSXh5WXFIRXMyWWFPemNackVoVHRmdzlROFg2dWtKMUdxVER6UExMd04vV0pHMUpyN3dPaXBjcnBVSGlpajltWXNNUnpVS0ZDbGhLbS9lNUJTd1I0SytkWnBXbUQvak83eWVHZ1dWYy9uRmxFVTlaanVjOUpxSUgrNkVxUmJnaFZTcWF2UEdKYXlKc1lEMm8xV3djOWFlbm1JWXNocFhDSkYweFJsQm1wSTd2YnZqSThzd2gvVFExaE5GMXNkb2RPaXF0aGxXS3NxN2NSRjRmcUpyVWk1NWx1MEowNmoweHk1SkFta2R0YUY4SC9GRnc9PXw&cppv=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0ca696238070bc4174509b4b2acfc3103c38c49b3c135f0af24366ce16f281c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1177847
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=j4GtinxrQjVtZU5icGluK0dHU2ViRTdaMTBCTGdET3BRcmcvS2dxTHJIbVNvR0h4MEU0aFBoVUNWWXVkbVFoaGxES3FvSHdLRzJjVnl5YVoydWs4TTI2b20va0g4Z3VvTmNFV1BNMFpmeFpSSXh5WXFIRXMyWWFPemNackVoVHRmdzlROFg2dWtKMUdxVER6UExMd04vV0pHMUpyN3dPaXBjcnBVSGlpajltWXNNUnpVS0ZDbGhLbS9lNUJTd1I0SytkWnBXbUQvak83eWVHZ1dWYy9uRmxFVTlaanVjOUpxSUgrNkVxUmJnaFZTcWF2UEdKYXlKc1lEMm8xV3djOWFlbm1JWXNocFhDSkYweFJsQm1wSTd2YnZqSThzd2gvVFExaE5GMXNkb2RPaXF0aGxXS3NxN2NSRjRmcUpyVWk1NWx1MEowNmoweHk1SkFta2R0YUY4SC9GRnc9PXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
319961
content-length
0
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 8AFC 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:49 GMT
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
42
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
1rWJuAkAn2pTTxJAYMaNffZrSa8F8X0b_ka-WKwXToNX6S97Haz33g==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 8AFC 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:49 GMT
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
42
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
fjL39QBTDjR1qm45tG-dI-ZmR8_C-Q8WKudpp5z6JYlwHf26M4Aftw==
csp-report
q.stripe.com/ Frame 59E9 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808173233
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1704204808172594
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 59E9 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:7a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:24 GMT
content-encoding
gzip
via
1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
5
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
DUS51-P1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
YcHM9-Ry0dS-WgRprEGVeLR9UTkEJGhduP_nViMuOlUsC3oFOPRxbA==
csp-report
q.stripe.com/ Frame 8DB4 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808174238
x-envoy-upstream-service-time
10
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
7
x-stripe-client-envoy-start-time-us
1704204808172535
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 8DB4 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:7a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:24 GMT
content-encoding
gzip
via
1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
5
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
DUS51-P1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
9MxWKV1N8NUD2Gtt6R8LzkTTW7t4qA8QAIjPp8UQ2dlM1XFsvaJoNg==
pixel;r=1365615082;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCN3TmNHxvoMDFQPROwIddPcLcg%3Bsrc%3D8832015%3Btype%...
pixel.quantserve.com/ Frame 9BA2 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1365615082;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCN3TmNHxvoMDFQPROwIddPcLcg%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Drt_bs0%3Bord%3D9860232725479%3Bauiddc%3D1938801499.1704204807%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w;ref=https%3A%2F%2Fadservice.google.com%2F;uht=2;fpan=1;fpa=P0-743235468-1704204807587;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204807765;tzo=-60;ogl=;ses=33ff9628-d17f-410b-b749-1b13837caf6a;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3TmNHxvoMDFQPROwIddPcLcg;src=8832015;type=rt;cat=rt_bs0;ord=9860232725479;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
event
ad.ipredictive.com/d/track/ Frame F31D 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&val=&tn=3002171300876&cache_buster=[timestamp]&ps=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.238.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-238-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:13:27 GMT
Connection
keep-alive
X-CI-RTID
a0a210d0-a35b-4b5a-b4a1-a50282881750
Content-Length
0
p
e.acuityplatform.com/ Frame F31D 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.acuityplatform.com/p?pk=9020304230610356278&pg=26254
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.122.94 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
Pixels
px.adentifi.com/ Frame F31D 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adentifi.com/Pixels?a_id=3405;uq=1356014315;
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.44.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-44-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
ld.js
dynamic.criteo.com/js/ld/ Frame F31D 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=81237
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
adservice.google.com/ddm/fls/z/ Frame F31D 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame 9AD9 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4XNGNJKF2Y4B544T
age
668588
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56460
x-amz-id-2
zbAQlh/zIKk3a0CskolCssfW+JxwLuIWNqNKmhTqSN01RrO2ZXqM8tpZvZPbwK5YqTwCeodOZPQ=
last-modified
Thu, 14 Dec 2023 13:16:28 GMT
server
cloudflare
etag
"cc65a7d46bec1bcadfd3a27d571765f5"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFdiM%2BlCf%2FDRmuEzf1n7%2FXRiuLNctXAmwNCSzU7RoPjWUCsUl6S3lMGytVb5RheV1ec077RbT2Ota3%2BkyWcgmyyCHwC8YiH7kl8P6Dbp984tr%2BxqwOTIQ9IWOCeWoLGfPse1ZfsLtNc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39a50df75bbc2-FRA
/
www.facebook.com/tr/ Frame 6BBF 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=812396462484872&ev=PageView&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCI3YmNHxvoMDFbbXOwIdrcQLKQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D8514793536088%3Bauiddc%3D1938801499.1704204807%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1704204807819&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1704204807545&coo=false&rqm=GET
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CI3YmNHxvoMDFbbXOwIdrcQLKQ;src=8832015;type=rt;cat=donforms;ord=8514793536088;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:13:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
events.js
tags.srv.stackadapt.com/ Frame F31D 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
279a1e64a58cb3af05f782d85d063507979f239d654067f06d7af12e1ef71438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:13:27 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
bat.js
bat.bing.com/ Frame F31D 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:13:27 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1F146232D2ED4BC7B5A9B6FF64228AE1 Ref B: FRAEDGE1909 Ref C: 2024-01-02T14:13:27Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
quant.js
secure.quantserve.com/ Frame F31D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:13:27 GMT
fbevents.js
connect.facebook.net/en_US/ Frame F31D 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:13:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
G5ljjCe9jOZbCZePkmklKRfZOaOVZWso+89BI/Zew3lPP9F1pQM1MVgng3E8o+rjKPX2Z6ny9Muhl8KnATf3YQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pptm.js
www.paypal.com/tagmanager/ Frame 9AD9 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.marchofdimes.org&t=xo&v=5.0.416&source=payments_sdk&mrid=QC6F4C27ZTBFE&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&disableSetCookie=true&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b17a420163b181948e21b8a69880c8f8098f369084006bfa920b62194ff3c81
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pCgVJZe6x60Pu5oN1W2d6fUEFCC5C5Ayvc3mcueBMcsm12pQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pCgVJZe6x60Pu5oN1W2d6fUEFCC5C5Ayvc3mcueBMcsm12pQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:13:27 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
63552
x-cache
HIT, MISS
paypal-debug-id
f5696235c4423
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4778
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230056-FRA, cache-fra-eddf8230056-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f5696235c4423-a4a84418f06c25b8-01
x-timer
S1704204808.860810,VS0,VE6
etag
W/"3673-CDYthXayTPHyhbZkx+ebL7PTxgs"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
pixels
c1.adform.net/imatch/ Frame 3142 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=424021668857&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0818599f49812b1630d5ae86b4b4f5f722cdda7c78c3fa6761ae2b35baec56bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 14:13:27 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
a1.seadform.net/serving/cookie/sync/ 		35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.seadform.net/serving/cookie/sync/?uid=9021619587798447779&stamp=xXwEqERBe88DvP-67D9Y4w2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
b
r.stripe.com/ Frame 4BA8 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808474058
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808473655
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 8AFC 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808650666
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1704204808650452
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 8AFC 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808475570
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204808475260
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 8AFC 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808475780
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808475310
access-control-allow-credentials
true
content-length
0
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame 63E9 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2187
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:37:05 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-amz-cf-id
KNtakxdjEtcGMG3mJArtujGIj2OvqNKCxedv5OE0uUN4Tn6uLDY-wg==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame 5480 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2187
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:37:10 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-amz-cf-id
oY1hdMC_zSq8gSMdReD7WLV7ZP1LJMLTwaYAwUTP69Ugl_I0t-r8aQ==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame 2930 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2187
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:37:10 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-amz-cf-id
GPIApMx1kuMjaNUPgr6MFyLwkqXfWxlkGSWeC40v1DdnC0709RPZzQ==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
js.stripe.com/v3/ Frame 575F 		820 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e7e7f216e2add2e5655784665bea48f8efed39c8be96c40782b3f0cf84df6bbf
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1615
cache-control
max-age=31536000
content-length
820
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:47:48 GMT
etag
"5d9a311984498e026b1badc5a52d6bcb"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-amz-cf-id
oQ8SXCVKxfoZ7cKnDn3xgBokj8Rtv-tP2ULw483i0d442BovD53idw==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
js.stripe.com/v3/ Frame 17A3 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7a5d1a8956ee3f319edea53bf11ba07988f8c6a0b6204633cee6a41b4b216127
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3160
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:20:48 GMT
etag
"a59168b21e202d878ed59c4fbe9405b6"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-amz-cf-id
PtL1iUfMxRu4bz3Ua49LzJlqamwIW7xjoMXNCc6XVQmYtO78anlgyA==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808475448
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204808474959
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808475406
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808475151
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808475712
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808475266
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808475555
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808475154
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808475509
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204808475213
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808475763
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204808475224
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808652459
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808652293
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808475496
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808475061
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808652715
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808652244
access-control-allow-credentials
true
content-length
0
6
m.stripe.com/ Frame 59E9 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.100.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-100-182.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8dce33441363825a8fa61a81612d0f77705238bb6709329269593b63777a4bc3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808425307
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204808424844
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
event
widget.us.criteo.com/ Frame 6BBF
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=LwwhN19RN2NyWjc5b3pRcEZhZ1h3U096Z2NhRUVLJTJCZzB5WWQlMkJqRlNNWWRYaEZvbW4lMkJmZDVCU284aHhRNmNGT3NSem1DZjl0MnhwRDBnUHB1V05OZ0k4akd3MGwzSGxaSWVJQ3dTQU5zSEE0RHEyQWxjZzdsSWtaMTE5U2FwV1k2akxTc0FDNW5xWTN1N25JUm5majQwRGxnQmtBVnIlMkZQQmFwWnhjdkFLRTlvSE1DRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=5d855b8b-6907-4118-a960-1790f1180064&dtycbr=9713
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a0a602bbdd20348935d02aff5b710985675b9b01118d9b8c5de54df6655fede5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
21291651
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=LwwhN19RN2NyWjc5b3pRcEZhZ1h3U096Z2NhRUVLJTJCZzB5WWQlMkJqRlNNWWRYaEZvbW4lMkJmZDVCU284aHhRNmNGT3NSem1DZjl0MnhwRDBnUHB1V05OZ0k4akd3MGwzSGxaSWVJQ3dTQU5zSEE0RHEyQWxjZzdsSWtaMTE5U2FwV1k2akxTc0FDNW5xWTN1N25JUm5majQwRGxnQmtBVnIlMkZQQmFwWnhjdkFLRTlvSE1DRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=5d855b8b-6907-4118-a960-1790f1180064&dtycbr=9713
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9747547
timing-allow-origin
*
content-length
0
expires
0
6
m.stripe.com/ Frame 8DB4 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.100.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-100-182.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
40329e4d71f52386b55c15b623c451ed029e45ebfcfe55f7798204270bd34c71
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808474192
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204808474029
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.marchofdimes.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.marchofdimes.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Tue, 02 Jan 2024 14:13:28 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f3285863f4af6
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f3285863f4af6-4e8b2a77fe25c971-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
x-timer
S1704204808.944951,VS0,VE195
logger
www.paypal.com/xoplatform/logger/api/ Frame 9AD9 		1015 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95769945bb2c659e11d188090b47e69323b50d8cd4f0e2c84fdb1a11594b52ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f3285860f2cbd
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f3285860f2cbd-1197de3835f10ef3-01
x-timer
S1704204808.149671,VS0,VE178
etag
W/"3f7-z+wJ+NTpucWAaK2FLb1KAHttHDY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
event
widget.us.criteo.com/ Frame F31D
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=LwwhN19RN2NyWjc5b3pRcEZhZ1h3U096Z2NhRUVLJTJCZzB5WWQlMkJqRlNNWWRYaEZvbW4lMkJmZDVCU284aHhRNmNGT3NSem1DZjl0MnhwRDBnUHB1V05OZ0k4akd3MGwzSGxaSWVJQ3dTQU5zSEE0RHEyQWxjZzdsSWtaMTE5U2FwV1k2akxTc0FDNW5xWTN1N25JUm5majQwRGxnQmtBVnIlMkZQQmFwWnhjdkFLRTlvSE1DRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=1642aae7-40ee-4288-b25e-89b2d5918673&dtycbr=11267
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
445268ca36d9f009a1828ef60e20574e55089d9a365f44185dbe8462a418b5df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
22180681
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=LwwhN19RN2NyWjc5b3pRcEZhZ1h3U096Z2NhRUVLJTJCZzB5WWQlMkJqRlNNWWRYaEZvbW4lMkJmZDVCU284aHhRNmNGT3NSem1DZjl0MnhwRDBnUHB1V05OZ0k4akd3MGwzSGxaSWVJQ3dTQU5zSEE0RHEyQWxjZzdsSWtaMTE5U2FwV1k2akxTc0FDNW5xWTN1N25JUm5majQwRGxnQmtBVnIlMkZQQmFwWnhjdkFLRTlvSE1DRSUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=1642aae7-40ee-4288-b25e-89b2d5918673&dtycbr=11267
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2920203
timing-allow-origin
*
content-length
0
expires
0
csp-report
q.stripe.com/ Frame 63E9 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808175975
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808175641
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 63E9 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808175994
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808175652
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 63E9 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:31 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2121
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
_N0ZQNKVBUN5SsddYf6I8rV79LCLZCdGgIrCH7idAvYm5TdpOmse1A==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 63E9 		404 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:21 GMT
content-encoding
gzip
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2527
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
eJEd0hYWH5d-kIcGMudb6H4DSvbuPx-mfWyeNiiSUyggTql1kFK-DA==
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame 63E9 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:15:04 GMT
content-encoding
gzip
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3504
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
3M7gLxJAa7sZcGJTsB1hhUemSx6_fdkhe55jMXf3Gh3n1T8G0-l33Q==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 63E9 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:45:59 GMT
content-encoding
gzip
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1649
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Tue, 19 Dec 2023 21:32:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
gUs1IPTnbU2m6m_-ZUBqckW7QV6jUFKU88MulS6Q5FTzLphwiM6UQA==
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 63E9 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:03 GMT
content-encoding
gzip
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1468
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
etag
W/"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
-8o5XnlRs4xqvuQ1lPn9LfoEsN3a9EBwtHO7IBLDZCo87V0Ot6ccdQ==
csp-report
q.stripe.com/ Frame 5480 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808176192
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808175663
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 5480 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808176422
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808175852
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 5480 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:31 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2121
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
t6vB-69vLpVzf_Um24adj5HKi2LHJhYnc06EEWoDocqDMFsGCVQ2eg==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 5480 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:32:05 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2527
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
VcF6gjSfG1kBHYunjyzpwsG8DGk02t5NKVnuARLEFn1_U26hIjgs_g==
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame 5480 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:17:42 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3504
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
B9lPnvYcnyElB7JJCJU_fv4nrHVOhsyHEi-qiP3PYzfF1pfNbOetDQ==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 5480 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:46:45 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1649
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
0W-APEVj5AX9p_7ECgFcIqSjVCL29f5QDHYjd-CKYFydWmBDoybu9w==
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 5480 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:48 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1468
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Cloudfront
etag
W/"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
9_WIgJOLXWc7XIBQkwMvVrg3Tv0GT333BOcD1gM6XlSMyqHbdWo0Dg==
csp-report
q.stripe.com/ Frame 2930 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808177235
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808175902
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 2930 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808176639
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808175878
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 2930 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:31 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2121
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
RG91qYD4Ho6cIBtoDYxcPGauWSCmy_IcI5HHbJ7H_cBYxJgQDxSbLg==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 2930 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:32:05 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2527
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
EE0jfD5IqKhdf6tVNfHhid0aS8hSbNSYtjlUtHrtgoDapclpNVjdsQ==
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame 2930 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:17:42 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3504
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
kbXRYmtuLNLkEslvneg4Xdl_qS6nD96IJ0X7JOUrG61Cw1iezTyKyA==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 2930 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:46:45 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1649
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
2YZ0JnGzUPkNfnowGqnZoCrb1o3VQoJnEQC2iDjtlVfIfKTgFJLF9w==
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 2930 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:48 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1468
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Cloudfront
etag
W/"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
UjrbEJFIvkovcEZ92IU_ZdxkhxutydPlKv3JUQGap98WJqzXlnD6bw==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 575F 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:31 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2121
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
6ktE9B9ImxpxPp0_-TS4DZdl3bO4b-yLApJR1_nIL-EbCAlLJDX5wg==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 575F 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:32:05 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2527
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
mh6Bg5ujFpKU-fD9smQd4kbiUqCQ9U1_if_o9LxaY3X3nk8-aITGng==
elements-inner-au-bank-account-34c8ad6a1ca3f37a9e46b5abfb1b8555.js
js.stripe.com/v3/fingerprinted/js/ Frame 575F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-au-bank-account-34c8ad6a1ca3f37a9e46b5abfb1b8555.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
2d414e5f00e69a14d9e552014d9f932df7c40b618b2904726170fb689ef8fe87
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:09:14 GMT
content-encoding
gzip
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
322
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"b80aa36d0aa050d116b6c701597397d9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
fZuZvKdLqEyWPE3ebQ7ln2oheVrHuyEJ-JgCQ7yDkRKQRrQpPjhA6Q==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 575F 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:46:45 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1649
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
R3rr9jtIFqstGq2eVlezXuGdmnSjh7nqZUemmVat9U3OW-tB566j5A==
elements-inner-au-bank-account-e34451f632d458dc560a07f1f94a5e0a.css
js.stripe.com/v3/fingerprinted/css/ Frame 575F 		764 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-au-bank-account-e34451f632d458dc560a07f1f94a5e0a.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6ec65ff8562887c03245269b73d1ebb60f6f619d9bad49c6ce2c956e7a0826f4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:59:49 GMT
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
932
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
764
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
etag
"0507b76e911911910d0e35f2024dd5c6"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
EHB8O-e082awZuQCltccAUrnbeTXKKHPAIaCONbSRFEHJAvFeBYAlw==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 17A3 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:31 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2121
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
4JiBo_o6E6cuXnemDuJWnRGUFE0nbvMJb4vaBpHWEhw96llLuCUBkw==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 17A3 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:32:05 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2527
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
9Ix4tIHRsGFgFyZtOZXC4d7sNGdxa-DEin6wOsJCksUCWx66ZPTfcQ==
elements-inner-iban-4ac6a58186cbdc786747a784d558aba4.js
js.stripe.com/v3/fingerprinted/js/ Frame 17A3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-iban-4ac6a58186cbdc786747a784d558aba4.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f16ade3e5da5d485764a1d4ca2aa3f94f757b785195b04d391de88680adf76ea
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:36:29 GMT
content-encoding
gzip
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2229
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"21b89b442b725a93ba30c1992c145c02"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
mpELcFgJZo6X7MGFgDmsWxOwYfGhTMfwOAj8K3tHFZjEr4EwH10JAg==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 17A3 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:46:45 GMT
content-encoding
br
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1649
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
E1Se4LcFz3IF3g25Qu8AiudjbCFobGH8aTESIu1_la0J0xqeTSznBw==
elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css
js.stripe.com/v3/fingerprinted/css/ Frame 17A3 		485 B
979 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:16:02 GMT
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
3465
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
485
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Cloudfront
etag
"f6ff2b5ca153d43c332b4e54c118e3d0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
9hxWgKiGCgDmV4N_37dBh8hmxmug_CdL0QG7Ctf1avFqU1f5WGEt8w==
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame F31D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:6e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
2419
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
ji2giy38ZTP2BcTb4_6uBXyEuy26pCuP8xZN-TmDaPnN9Nb2AveQ2A==
muse.js
www.paypalobjects.com/muse/ Frame 9AD9 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.marchofdimes.org&t=xo&v=5.0.416&source=payments_sdk&mrid=QC6F4C27ZTBFE&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&disableSetCookie=true&vault=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DA) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
7d1e382a2bb48
dc
ccg11-origin-www-1.paypal.com
content-length
16488
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (ama/48DA)
traceparent
00-00000000000000000007d1e382a2bb48-25405d1f8922f231-01
etag
"64f25363-daa8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 02 Jan 2024 15:13:28 GMT
ts
t.paypal.com/ Frame 9AD9 		42 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AQC6F4C27ZTBFE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AQC6F4C27ZTBFE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=427565ab-c1a8-42ab-b84a-a768c3a498ca&fltp=analytics&mrid=QC6F4C27ZTBFE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1704204807944&g=-60&completeurl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&ru=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&disableSetCookie=true
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 02 Jan 2024 14:13:28 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
f0b8f95826aff
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230030-FRA
pragma
no-cache
correlation-id
f0b8f95826aff
traceparent
00-0000000000000000000f0b8f95826aff-dcb6decd10bb450e-01
x-timer
S1704204808.040420,VS0,VE163
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 14:13:28 GMT
25042596.js
bat.bing.com/p/action/ Frame F31D 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:13:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3EF9958190FA434CAE264EF91B8F6DED Ref B: FRAEDGE1909 Ref C: 2024-01-02T14:13:27Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame F31D 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=bf2a8cbd-1374-4b09-bc1a-96d7ec7692ce&sid=194ae360a97911ee8f5d9d3dd72d6bf0&vid=194ad720a97911eea0381f394a2c2bf3&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.marchofdimes.org%2F&r=&lt=218&evt=pageLoad&ifm=1&sv=1&rn=17973
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:13:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DFCC6211B89049BC926745F793500A4A Ref B: FRAEDGE1909 Ref C: 2024-01-02T14:13:27Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
saq_pxl
tags.srv.stackadapt.com/ Frame 6BBF 		116 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=zFWBFWbS14YYtkU1aQYdUw&is_js=true&landing_url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&t=&tip=YMs54h8XTROGCNvtHtQBKnxjBPoFl8XjAkp7RjlfRvA&host=https%3A%2F%2F8832015.fls.doubleclick.net&sa_conv_data_css_value=%270-500872fa-7a65-5561-5ceb-1d8da5d38911%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9500872fa7a6555615ceb1d8da5d389112d8d984c&sa-user-id-v3=s%253AAQAKICi_UwGIV8YzPpAr0X0RxUo3DmFNfR8Wg5_GsAhNtTb1EHwYBCCHtNCsBjABOgT90vuTQgQDhqox.RmSH0Aj3LJ3iqF1EBflLHGkgQoZvksE3MWglOFlzrBg&sa-user-id-v2=s%253AUAhy-nplVWFc6x2NpdOJES2NmEw.ytXOL4kuXrYxtzLPLOrElrhOG1OIVtS%252BxyJQ0lmoSKQ&sa-user-id=s%253A0-500872fa-7a65-5561-5ceb-1d8da5d38911.dCDef%252BBh3%252FFaoJfR%252FdZ5vAbkCAD1fmGrn1KQHuBE9AQ
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://8832015.fls.doubleclick.net
date
Tue, 02 Jan 2024 14:13:28 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
syncframe
gum.criteo.com/ Frame 1778 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=81237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:27 GMT
server
Kestrel
server-processing-duration-in-ticks
1170987
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
812396462484872
connect.facebook.net/signals/config/ Frame F31D 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/812396462484872?v=2.9.138&r=stable&domain=www.marchofdimes.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:13:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
etebVMnOGMaWXeJNF2ALSl2WGoAc0wq2waEYBs9QrXDFECrkwSy3yRqNWROAjC/FvLb53aGMFfn3U6ShNUElOg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
csp-report
q.stripe.com/ Frame 575F 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808176832
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808175892
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 575F 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808176640
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808175891
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 17A3 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808177015
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808175905
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 17A3 		0
714 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808177010
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808175910
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
plf
c1.adform.net/imatch/ Frame 3142 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plff
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
match
ad.360yield.com/ Frame 3142 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=9021619587798447779&Expiration=1705414407
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.81.117.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-117-7.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:13:28 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
ad.yieldlab.net/ Frame 3142 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=4879&ext_id=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:13:28 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:13:28 GMT
token
token.rubiconproject.com/ Frame 3142 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=5232&puid=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tpui
ih.adscale.de/adscale-ih/ Frame 3142 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=9021619587798447779&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.42.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-42-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 3142 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=9021619587798447779&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-217-182-178.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
transfer-encoding
chunked
content-type
image/gif
user-registering
ads.stickyadstv.com/ Frame 3142 		43 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:4::25 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:13:28 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1704204807982057-598
sync
x.bidswitch.net/ Frame 3142 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.92.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-92-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 3142
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9021619587798447779&expiration=1705414407
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9021619587798447779&expiration=1705414407&C=1
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9021619587798447779&expiration=1705414407&C=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9xhZNOnwwhSaO%2Bw657y8c%2ByxjAHYXSsIBpHX5Qq6LY%2BqFENiYqlrLmUTjZVDZEHlnELEDuvySR%2B0V01OodyZIk%2BYNRWAFQh%2FXZMLWR%2BN2Bvdgxnh2K6iBpOrmUMeHyKR714J3S8xOoA%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f39a524d5d1a6b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCBv2yL7ZZ9vuNLUkBYeUmhQOFg1Mn9Ktv7hLCzM3%2BS5z8%2Bz2Oa1qfrZ90kGuvYvFZypPt4OIgZb9zjHNlfPOsUzv1OnWgtyjG7yTU53RFFYd55OMbGQ0GSYDRf416birVCKYwi%2B1A6Krw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=111&external_user_id=9021619587798447779&expiration=1705414407&C=1
cache-control
no-cache
cf-ray
83f39a521d171a6b-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
12092831
se.semasio.net/sync/1/ Frame 3142
Redirect Chain
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=9021619587798447779&sInitiator=external
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=9021619587798447779&sInitiator=external
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=9021619587798447779&gdpr=&sInitiator=external
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7319503916052904087&sInitiator=internal&gdpr=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=6791097123189565003&sInitiator=internal&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=M0UxRTcwMEI3QzcwQkIxMw&gdpr=
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESECrbGBvru4CYCNqINFhSFfU&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESECrbGBvru4CYCNqINFhSFfU&sInitiator=internal&google_cver=1&gdpr=
0
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESECrbGBvru4CYCNqINFhSFfU&sInitiator=internal&google_cver=1&gdpr=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:37 GMT
uip-status
Ok
frontend-id
09
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:38 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESECrbGBvru4CYCNqINFhSFfU&sInitiator=internal&google_cver=1&gdpr=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
match
ps.eyeota.net/ Frame 3142 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=9021619587798447779&bid=9gdtmu1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:13:28 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pixel.gif
load77.exelator.com/ Frame 3142
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9021619587798447779
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9021619587798447779&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 02 Jan 2024 14:13:28 GMT
x-age-lb
227936
x-amz-request-id
tx00000bb5f29fc5c0125df-0065909fa7-5134150-nyc
x-77-cache
HIT
x-accel-date
1703976872
content-length
43
x-77-nzt
A9RmOLE3Nzf/YHoDACUTwjE3Nzexz9PUZqCW3wA
x-accel-expires
@1705013672
x-77-age
227936
x-cache-lb
HIT
last-modified
Sat, 30 Dec 2023 22:32:08 GMT
server
CDN77-Turbo
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray
1cb09c0e482d716d081a946545bd1e0d
content-type
image/gif
x-rgw-object-type
Normal
accept-ranges
bytes

Redirect headers

date
Tue, 02 Jan 2024 14:13:28 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
398366.gif
idsync.rlcdn.com/ Frame 3142 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/398366.gif?partner_uid=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9021619587798447779/gdpr=/ Frame 3142 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9021619587798447779/gdpr=/gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.183.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-183-118.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.105
content-length
49
expires
0
29729
tags.bluekai.com/site/ Frame 3142 		62 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29729?id=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 02 Jan 2024 14:13:28 GMT
content-length
62
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame 3142 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 3142
Redirect Chain
  • https://api.adrtx.net/thirdparty/click?p=adfo
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
35 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
HTTP/1.1
Server
52.92.20.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:13:29 GMT
Last-Modified
Thu, 29 Oct 2015 16:41:57 GMT
Server
AmazonS3
x-amz-request-id
H1JHY8WVVG54KAXN
ETag
"c2196de8ba412c60c22ab491af7b1409"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
35
x-amz-id-2
5vEAI+3bGqb5oNcczqPCpWi9G8yc4uvz2+Xt6GpjgI0DMpfy6+GynuIIgbeX2f2jy0lXtQEJB+s=

Redirect headers

X-Error-Reason
Missing UserId
Date
Tue, 02 Jan 2024 14:13:27 GMT
Server
akka-http/10.2.10
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
137
/
cm.adsafety.net/ Frame 3142 		0
0
usermatch.gif
beacon.krxd.net/ Frame 3142 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.78.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-78-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n024-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=54 t=1704204808
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
c1.adform.net/serving/cookie/match/ Frame 3142
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTAyMTYxOTU4Nzc5ODQ0Nzc3OQ
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOAgPQzFqfFRN9EFPDWy9B8&google_cver=1&google_ula=1641347,0
35 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOAgPQzFqfFRN9EFPDWy9B8&google_cver=1&google_ula=1641347,0
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOAgPQzFqfFRN9EFPDWy9B8&google_cver=1&google_ula=1641347,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
plf
c1.adform.net/imatch/ Frame 3142 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfm
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
setuid
secure.adnxs.com/ Frame 3142
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
  • https://c1.adform.net/serving/cookie/match?party=3&id=6791097123189565003&redirect=1
  • https://secure.adnxs.com/setuid?entity=91&code=9021619587798447779
43 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=91&code=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
an-x-request-uuid
be5ed7fc-98ea-415e-9fb5-e66fb754f3ab
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.76; 45.141.152.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://secure.adnxs.com/setuid?entity=91&code=9021619587798447779
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 3142 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
pdw-adf.userreport.com/ Frame 3142 		43 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdw-adf.userreport.com/cs
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-63.dus51.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 10:12:28 GMT
Via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
DUS51-P1
Age
14460
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
wMc_byjVRojMhdXTMkqSgIX46KxVxUiZkgIVPUBtKaAi90DqoE1iZw==
p
a.audrte.com/ Frame 3142
Redirect Chain
  • https://a.audrte.com/a?adform_uid=9021619587798447779
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmNobW1ZaEl2QWZUMVdEdGxqUVNWM3cxdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
HTTP/1.1
Server
54.217.36.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-36-38.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:13:28 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 02 Jan 2024 14:13:28 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame 3142
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=9021619587798447779&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=9021619587798447779&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=07137639159710534292821716892233515511&noredirect=1
35 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1007&cid=07137639159710534292821716892233515511&noredirect=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

dcs
dcs-prod-irl1-1-v054-0dac29aa5.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
t4psZG5wREY=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://c1.adform.net/serving/cookie/match?party=1007&cid=07137639159710534292821716892233515511&noredirect=1
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
dmp.adform.net/serving/cookie/match/ Frame 3142
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=9021619587798447779
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219673204749002746026
35 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219673204749002746026
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219673204749002746026
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
/
dmp.adform.net/serving/cookie/match/ Frame 3142
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319503916052904087
35 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319503916052904087
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Location
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319503916052904087
Date
Tue, 02 Jan 2024 14:13:28 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
33302
tags.bluekai.com/site/ Frame 3142 		62 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33302?id=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 02 Jan 2024 14:13:28 GMT
content-length
62
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame 3142
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=g0c21uF31RkFwk5
35 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1084&cid=g0c21uF31RkFwk5
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:13:27 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://c1.adform.net/serving/cookie/match?party=1084&cid=g0c21uF31RkFwk5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3142 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
server
Kestrel
content-length
70
content-type
image/gif
image.sbmx
global.ib-ibi.com/ Frame 3142 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_128_CBC
Server
216.46.185.183 Highlands Ranch, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
0.gif
id5-sync.com/s/10/ Frame 3142 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/10/0.gif?puid=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
dmp.adform.net/serving/cookie/match/ Frame 3142
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=4231305551
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=153r76wK3n.kJjBBZk0e1O
35 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=153r76wK3n.kJjBBZk0e1O
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
via
1.1 google
last-modified
Tue, 02 Jan 2024 14:13:28 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=153r76wK3n.kJjBBZk0e1O
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
um
sync.teads.tv/ Frame 3142 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=119&uid=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:13:28 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
/
s.ad.smaato.net/c/ Frame 3142 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
no-cache, must-revalidate
via
1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
P9Wb3mB7Si6QggB9Yd6CBdkXdcFKQ5GpjzXVY4Fijg5ns-OLEHxlMw==
x-cache
Miss from cloudfront
9021619587798447779
match.contentexchange.me/adform/ Frame 3142 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.contentexchange.me/adform/9021619587798447779?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
content-length
0
server
nginx/1.16.1
xuid
eb2.3lift.com/ Frame 3142 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=9021619587798447779&dongle=AD20
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
put
e1.emxdgt.com/ Frame 3142 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d52&uid=9021619587798447779
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.128.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-128-62.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
server
awselb/2.0
plf
c1.adform.net/imatch/ Frame 3142 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfl
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=9021619587798447779&agencyId=9068&advertiserId=2177609&src=tp&rnd=933821
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
sa.css
tags.srv.stackadapt.com/ Frame F31D 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a7b2ea1567418dfa760e5cde30e2a0e56bcf4f17c53e29b458b8eca41fbd9e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ Frame F31D 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
sid
mug.criteo.com/ Frame 1778
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=2&topUrl=www.marchofdimes.org&bundle=LwwhN19RN2NyWjc5b3pRcEZhZ1h3U096Z2NhRUVLJTJCZzB5WWQlMkJqR...
  • https://mug.criteo.com/sid?cpp=Zdb22HxqRE96TlBNUkFneGdEOVhtY1pGZVpJR3FnYXRLWVdXR3BQRndRSHMzUWdkM3V3cTVsWjFKMFRDTXp6c3B3dDFldzltK1k3UUJOZnk3djlGMDB4V0p6b3FpdW56ZEZ6bkdsUXdDNVM0WkNxbkRYajZVTjFpaCs5ND...
460 B
675 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Zdb22HxqRE96TlBNUkFneGdEOVhtY1pGZVpJR3FnYXRLWVdXR3BQRndRSHMzUWdkM3V3cTVsWjFKMFRDTXp6c3B3dDFldzltK1k3UUJOZnk3djlGMDB4V0p6b3FpdW56ZEZ6bkdsUXdDNVM0WkNxbkRYajZVTjFpaCs5NDFiWTBMQ01KWGo4c3RvaHdiZnRqa1kzSU5KSmRVTUZLajlEMTVKa2ZpUy8yT0RtV0wybGhEOFB1YlZlQjRONHd6SEFRRU9yVnN3c1dYVVZhbDIzZGxuMHEremxOMVdKMldCdDR1eDhieURNRXRTMStUWjN2VzNvOFowSnRWa0xsYTBIWkJJeXNpY0MrUW1UdXBzOXlXdUU1dlY5U0FmbE81bDZlbWdaaHlTemo5NFZxb0RmZ1MyZUp1K3pmd0ZOeDE1eUw0VU1HUWRyR1M2UDl2TWNETzRDa2E2UUEvTGc9PXw&cppv=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
794621ac41042c74a0b71317c5305be6bcd89a3401a0057854fc3ef2a5db9009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
8873532
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Zdb22HxqRE96TlBNUkFneGdEOVhtY1pGZVpJR3FnYXRLWVdXR3BQRndRSHMzUWdkM3V3cTVsWjFKMFRDTXp6c3B3dDFldzltK1k3UUJOZnk3djlGMDB4V0p6b3FpdW56ZEZ6bkdsUXdDNVM0WkNxbkRYajZVTjFpaCs5NDFiWTBMQ01KWGo4c3RvaHdiZnRqa1kzSU5KSmRVTUZLajlEMTVKa2ZpUy8yT0RtV0wybGhEOFB1YlZlQjRONHd6SEFRRU9yVnN3c1dYVVZhbDIzZGxuMHEremxOMVdKMldCdDR1eDhieURNRXRTMStUWjN2VzNvOFowSnRWa0xsYTBIWkJJeXNpY0MrUW1UdXBzOXlXdUU1dlY5U0FmbE81bDZlbWdaaHlTemo5NFZxb0RmZ1MyZUp1K3pmd0ZOeDE1eUw0VU1HUWRyR1M2UDl2TWNETzRDa2E2UUEvTGc9PXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
348182
content-length
0
expires
0
pixel;r=189454608;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCODLvdHxvoMDFTbFOwIdO6MIWQ%3Bsrc%3D8832015%3Btype%3Drt%...
pixel.quantserve.com/ Frame F31D 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=189454608;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCODLvdHxvoMDFTbFOwIdO6MIWQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D3002171300876%3Bauiddc%3D1938801499.1704204807%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w%3F;ref=https%3A%2F%2Fwww.marchofdimes.org%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-743235468-1704204807587;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204808002;tzo=-60;ogl=;ses=33ff9628-d17f-410b-b749-1b13837caf6a;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 63E9 		474 B
866 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:49 GMT
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
kKvcED8k_pvjOKwvFHyDjB0WiHpDIEXPMf-7KoPV8Escbxu0C7ENKA==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 5480 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:49 GMT
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
pYb_zF-al-IP1KV1yolDdEFmzU94SjxY1VDUO7InRMc9nhGFvJhREg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 2930 		474 B
866 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:49 GMT
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
zu-rIEJNBkMOdM9jlqG9qpqPmNaKSFAxu0Z3ojhKjF7EYu3iP1juTA==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 17A3 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:49 GMT
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
1qwWgq8In__PBgqwu854bgS8H5rx2W7VvLVv322JtsEgYKevjHE1tQ==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 575F 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:49 GMT
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
ZzwhRy45r0s5Zf2hbESgrenBltIhirDO0z-hKfWhXPSSthnsFM9InA==
banks-059715db431d46d5564d03a4d03a508a.json
js.stripe.com/v3/fingerprinted/data/ Frame 575F 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/banks-059715db431d46d5564d03a4d03a508a.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3eeaf7446956d4f52db0d9d320988723bec23129315a8daedf665bab334d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 13:47:49 GMT
content-encoding
br
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1541
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:04 GMT
server
Cloudfront
etag
W/"059715db431d46d5564d03a4d03a508a"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
OsjVig9yIfi0cHJIqRyuI4luMw9xPL7qm-hlf-QDSbg5ZxQcq9pnZw==
token
api.fundraiseup.com/paymentSession/5001207910501370771/googlePay/ 		244 B
797 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/paymentSession/5001207910501370771/googlePay/token?merchantOrigin=www.marchofdimes.org
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51b763481c66149c1e0ed492bd468fed6357e0dd627d222d23f07d07ab57abed
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
content-security-policy
frame-ancestors 'self' fundraiseup.com
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
x-response-time
71ms
pragma
no-cache
server
cloudflare
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5BMmz0KpAQB%2BJgcSPHGzgpz2n6Fp0Huk0iNobWgH252KMsf661O18h%2FswoOJJxm%2F3yz%2BDi37h8Rhz61jtMSoUEvWBin%2BDiBMqKDJ6knerCpJr6cvzY0fklBJQAgae4m4tSZTcw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83f39a528bfd367e-FRA
expires
0
tb
fndrsp-checkout.net/ 		2 B
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvNGB0SUsYBkHWAitfcXJZqAZfESlEytijIBMVoABB3djs2Mor9bObQ%2B4R8Uy6xQ844TlHkYBDZRTZDpL4wp6cMvCKt70OJQS8%2B0czZKF2yEOICK7toW3A7Sdlsv%2FT6ziN7Luvqk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39a530ef9f130-CDG
alt-svc
h3=":443"; ma=86400
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808650904
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808650750
access-control-allow-credentials
true
content-length
0
wallet-config
merchant-ui-api.stripe.com/elements/ Frame 4BA8 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.137.150.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5d8714d6910f2b68e63dd97927fe794ac4b78df4a848e0a4cce330a7d619f5ab
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
2474
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808652536
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808652038
access-control-allow-credentials
true
content-length
0
index.html
www.paypalobjects.com/muse/analytics/ Frame E3EC 		55 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B6) /
Resource Hash
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16892
content-type
text/html
date
Tue, 02 Jan 2024 14:13:28 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc"
expires
Tue, 02 Jan 2024 15:13:28 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
0c17123d9a14a
server
ECAcc (ama/48B6)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000000c17123d9a14a-d70a49df8ada56c7-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
b
r.stripe.com/ Frame 4BA8 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808652715
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808652231
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808652629
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204808652137
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808651015
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808650513
access-control-allow-credentials
true
content-length
0
/
www.facebook.com/tr/ Frame F31D 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=812396462484872&ev=PageView&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCODLvdHxvoMDFTbFOwIdO6MIWQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D3002171300876%3Bauiddc%3D1938801499.1704204807%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w%3F&rl=https%3A%2F%2Fwww.marchofdimes.org%2F&if=true&ts=1704204808175&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1704204807950&coo=false&rqm=GET
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CODLvdHxvoMDFTbFOwIdO6MIWQ;src=8832015;type=rt;cat=donforms;ord=3002171300876;auiddc=1938801499.1704204807;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:13:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808650871
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204808650647
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808652139
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204808651896
access-control-allow-credentials
true
content-length
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 63E9 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:49 GMT
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
3uJYzTe-41_K6AHYAnB58pdAPWe07lrAcVAZFEZguo3GF_uSNcf-ow==
b
r.stripe.com/ Frame 4BA8 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808652271
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808651872
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808652517
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808652126
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808652431
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204808652193
access-control-allow-credentials
true
content-length
0
noop.js
www.paypalobjects.com/muse/ Frame E3EC 		18 B
210 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7CCC) /
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
paypal-debug-id
b7eee1bb7bf2e
dc
ccg11-origin-www-1.paypal.com
content-length
18
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
server
ECAcc (daa/7CCC)
traceparent
00-0000000000000000000b7eee1bb7bf2e-530922fd673f0f05-01
etag
"60271cd0-12"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 02 Jan 2024 14:13:27 GMT
saq_pxl
tags.srv.stackadapt.com/ Frame F31D 		116 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=zFWBFWbS14YYtkU1aQYdUw&is_js=true&landing_url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w%3F&t=&tip=Hjtdt4NS49BsBaLeXwljyLwkuILLVrTlOJEPS0lX9l8&host=https%3A%2F%2F8832015.fls.doubleclick.net&sa_conv_data_css_value=%270-500872fa-7a65-5561-5ceb-1d8da5d38911%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9500872fa7a6555615ceb1d8da5d389112d8d984c&sa-user-id-v3=s%253AAQAKICi_UwGIV8YzPpAr0X0RxUo3DmFNfR8Wg5_GsAhNtTb1EHwYBCCHtNCsBjABOgT90vuTQgQDhqox.RmSH0Aj3LJ3iqF1EBflLHGkgQoZvksE3MWglOFlzrBg&sa-user-id-v2=s%253AUAhy-nplVWFc6x2NpdOJES2NmEw.ytXOL4kuXrYxtzLPLOrElrhOG1OIVtS%252BxyJQ0lmoSKQ&sa-user-id=s%253A0-500872fa-7a65-5561-5ceb-1d8da5d38911.dCDef%252BBh3%252FFaoJfR%252FdZ5vAbkCAD1fmGrn1KQHuBE9AQ
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://8832015.fls.doubleclick.net
date
Tue, 02 Jan 2024 14:13:28 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
ts
t.paypal.com/ Frame 9AD9 		42 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AQC6F4C27ZTBFE-1&page=muse%3Aoffer%3A%3A%3AQC6F4C27ZTBFE-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=427565ab-c1a8-42ab-b84a-a768c3a498ca&es=visitorInfoFlowStarted&mrid=QC6F4C27ZTBFE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1704204808202&g=-60&completeurl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&disableSetCookie=true
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 02 Jan 2024 14:13:28 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
69cbe77e9507a
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230030-FRA
pragma
no-cache
correlation-id
69cbe77e9507a
traceparent
00-000000000000000000069cbe77e9507a-acf27229e8f5550d-01
x-timer
S1704204808.205299,VS0,VE153
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 14:13:28 GMT
b
r.stripe.com/ Frame 63E9 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808651011
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808650544
access-control-allow-credentials
true
content-length
0
/
px.ads.linkedin.com/wa/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 212E42911E77499583CBA679C10FB802 Ref B: FRAEDGE1218 Ref C: 2024-01-02T14:13:28Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://www.marchofdimes.org
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYN9xo56bYIxP9dOZFigw==
pay.js
pay.google.com/gp/p/js/ 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5d9f772080af3ffd8a6d0c6ba29c219f5b2d0e85ca7d7dc26fd49d0d16f7752
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UUOjJmvQn0RPpAAo8NImHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UUOjJmvQn0RPpAAo8NImHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 02 Jan 2024 14:13:28 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 5AB3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_cm&google_hm=ay1IOEk0Y0FiLWJfS003ZWdRLWstLVB6SVZuckctRjQye...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_gid=CAESEBrSlcsh53A7HjhMVvPgQ_U&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_gid=CAESEBrSlcsh53A7HjhMVvPgQ_U&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
511885
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_gid=CAESEBrSlcsh53A7HjhMVvPgQ_U&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 5AB3 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ju0wewb-b_KM7egQ-k--PzIVnrHDg9DvGQ20aQ&expires=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.92.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-92-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 5AB3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6791097123189565003
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6791097123189565003
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1117221
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
an-x-request-uuid
1eb03fa3-2a7d-431f-b640-fff0d93f8318
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6791097123189565003
x-proxy-origin
45.141.152.76; 45.141.152.76; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 5AB3 		57 B
789 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-rLIdpwb-b_KM7egQ-k--PzIVnrFl2G9q4Of8gw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:13:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:13:28 GMT
tap.php
pixel.rubiconproject.com/ Frame 5AB3 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-479wqwb-b_KM7egQ-k--PzIVnrE7736a7IuOrg&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame 5AB3 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-3dzdJQb-b_KM7egQ-k--PzIVnrF7lyVJgooQvw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-217-182-178.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:27 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 5AB3 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-tcqmxwb-b_KM7egQ-k--PzIVnrHx_f7c18JjrQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12587
um
criteo-sync.teads.tv/ Frame 5AB3 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-xiAVbAb-b_KM7egQ-k--PzIVnrGgL79p6ZwgCg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:13:28 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 5AB3 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-2ftP7gb-b_KM7egQ-k--PzIVnrFusHXOZWAK3Q&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 5AB3 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-q0fZjwb-b_KM7egQ-k--PzIVnrGO0r0hd2wLLw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
hb.yahoo.net/ Frame 5AB3 		56 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-q0fZjwb-b_KM7egQ-k--PzIVnrGO0r0hd2wLLw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-145.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 02 Jan 2024 14:13:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:13:28 GMT
pixel
cm.adform.net/ Frame 5AB3 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-k8DlLAb-b_KM7egQ-k--PzIVnrG8Vt-McNojrQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
last-modified
Fri, 18 Nov 2022 16:49:04 GMT
server
nginx
accept-ranges
bytes
etag
"6377b780-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 5AB3 		49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-qFR0IAb-b_KM7egQ-k--PzIVnrG85dI_KmzhqQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.133.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-133-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 5AB3 		43 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-YNuFLQb-b_KM7egQ-k--PzIVnrGE1ZuG30TY6w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obk7c%2Bh7IBMDGQ2tDCIb3S2q4ZK5F6junSypbBJ7REttMKKO2ZC%2FQqaegzb1l5vo7TfzLdh7QRbOmHjBm67kME0GiM8BWN9aQhgDpK82T0i0VOvC0oadHrVyExRLdsH4d24e"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f39a542f961a6b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
ibs:dpid=28645&dpuuid=TZ3T0zh5Rfqsh23U6JXPY3_baMt4hGoP
dpm.demdex.net/ Frame 5AB3
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TZ3T0zh5Rfqsh23U6JXPY3_baMt4hGoP
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TZ3T0zh5Rfqsh23U6JXPY3_baMt4hGoP
Protocol
H2
Server
108.129.21.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-21-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-05a291928.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
UDanF3ggTkA=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=TZ3T0zh5Rfqsh23U6JXPY3_baMt4hGoP
date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
754399
content-length
0
9.gif
id5-sync.com/s/966/ Frame 5AB3 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-d2oSDQb-b_KM7egQ-k--PzIVnrH6OYSC4RNxLw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 5AB3 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-_2-hbQb-b_KM7egQ-k--PzIVnrEwZpSCE25FLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.81.117.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-117-7.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:13:28 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 5AB3 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-23N3gQb-b_KM7egQ-k--PzIVnrFIZXuAOGEsYA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 5AB3 		0
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-1Lgd4Qb-b_KM7egQ-k--PzIVnrFTiW96xj2AoA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.116.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-116-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame 5AB3 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-mhcE1Qb-b_KM7egQ-k--PzIVnrH8IVV_4PUypA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.93.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-93-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 5AB3 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-SpxOqAb-b_KM7egQ-k--PzIVnrGMz43fLabofA&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:13:28 GMT
Cache-Control
no-cache
X-TraceId
93505abfe1617e6bbbd91cf85cdea3cf
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5AB3 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-mKrNugb-b_KM7egQ-k--PzIVnrFHEcDCBzUUXg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:13:27 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame 5AB3 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-iJfcyQb-b_KM7egQ-k--PzIVnrGnIhdDhuAvmg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.6.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-6-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
sync
criteo-partners.tremorhub.com/ Frame 5AB3 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-2kB2hAb-b_KM7egQ-k--PzIVnrG8GBL49GHpyg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:71a5:abfd:648d:2410 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 02 Jan 2024 14:13:28 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 5AB3 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-fHNdCAb-b_KM7egQ-k--PzIVnrHL7j43C1O36Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.30
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:13:28 GMT
server
Apache
x-powered-by
PHP/7.3.30
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 5AB3 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-EacDfwb-b_KM7egQ-k--PzIVnrHBVPKXH9VzKA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:13:28 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:13:28 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 5AB3 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-NVnRlQb-b_KM7egQ-k--PzIVnrGJIZtT-1bK3g&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.105.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-105-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame FB9F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_cm&google_hm=ay1IOEk0Y0FiLWJfS003ZWdRLWstLVB6SVZuckctRjQye...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_gid=CAESEBrSlcsh53A7HjhMVvPgQ_U&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_gid=CAESEBrSlcsh53A7HjhMVvPgQ_U&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
637414
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-H8I4cAb-b_KM7egQ-k--PzIVnrG-F42xHKUXAg&google_gid=CAESEBrSlcsh53A7HjhMVvPgQ_U&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame FB9F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ju0wewb-b_KM7egQ-k--PzIVnrHDg9DvGQ20aQ&expires=30
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.92.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-92-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame FB9F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6791097123189565003
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6791097123189565003
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
906705
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
an-x-request-uuid
481c4287-cb2d-44f4-a5eb-879832a50b4b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6791097123189565003
x-proxy-origin
45.141.152.76; 45.141.152.76; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame FB9F 		57 B
789 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-rLIdpwb-b_KM7egQ-k--PzIVnrFl2G9q4Of8gw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:13:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:13:28 GMT
tap.php
pixel.rubiconproject.com/ Frame FB9F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-479wqwb-b_KM7egQ-k--PzIVnrE7736a7IuOrg&expires=30
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame FB9F 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-3dzdJQb-b_KM7egQ-k--PzIVnrF7lyVJgooQvw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-217-182-178.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame FB9F 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-tcqmxwb-b_KM7egQ-k--PzIVnrHx_f7c18JjrQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12587
um
criteo-sync.teads.tv/ Frame FB9F 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-xiAVbAb-b_KM7egQ-k--PzIVnrGgL79p6ZwgCg
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:13:28 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame FB9F 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-2ftP7gb-b_KM7egQ-k--PzIVnrFusHXOZWAK3Q&dongle=013b
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame FB9F 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-q0fZjwb-b_KM7egQ-k--PzIVnrGO0r0hd2wLLw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
hb.yahoo.net/ Frame FB9F 		56 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-q0fZjwb-b_KM7egQ-k--PzIVnrGO0r0hd2wLLw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-145.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 02 Jan 2024 14:13:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:13:28 GMT
pixel
cm.adform.net/ Frame FB9F 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-k8DlLAb-b_KM7egQ-k--PzIVnrG8Vt-McNojrQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
last-modified
Fri, 18 Nov 2022 16:49:04 GMT
server
nginx
accept-ranges
bytes
etag
"6377b780-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame FB9F 		49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-qFR0IAb-b_KM7egQ-k--PzIVnrG85dI_KmzhqQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.133.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-133-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame FB9F 		43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-YNuFLQb-b_KM7egQ-k--PzIVnrGE1ZuG30TY6w
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9KhweNxdzojtP0zFZRHDzkgZXOKLCzpC9WX%2FDpnaEPGO7aTF1dO34vDCJTGhmnSJyLV%2BXErhMI4wbwF%2B5S96qHg5mtnHgc7OXVrxE8zi4WkJi%2BIEflJ6l10SC94g1zfeo0D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f39a543fa61a6b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
ibs:dpid=28645&dpuuid=Zm1QHehA7EMVdS37-JRrEnbgkDM08w9G
dpm.demdex.net/ Frame FB9F
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Zm1QHehA7EMVdS37-JRrEnbgkDM08w9G
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Zm1QHehA7EMVdS37-JRrEnbgkDM08w9G
Protocol
H2
Server
108.129.21.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-21-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-022e7ff67.edge-irl1.demdex.com 4 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
1K3Hq5Y+QhI=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Zm1QHehA7EMVdS37-JRrEnbgkDM08w9G
date
Tue, 02 Jan 2024 14:13:27 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
705245
content-length
0
9.gif
id5-sync.com/s/966/ Frame FB9F 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-d2oSDQb-b_KM7egQ-k--PzIVnrH6OYSC4RNxLw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame FB9F 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-_2-hbQb-b_KM7egQ-k--PzIVnrEwZpSCE25FLQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.81.117.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-117-7.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:13:28 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame FB9F 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-23N3gQb-b_KM7egQ-k--PzIVnrFIZXuAOGEsYA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame FB9F 		0
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-1Lgd4Qb-b_KM7egQ-k--PzIVnrFTiW96xj2AoA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.116.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-116-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame FB9F 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-mhcE1Qb-b_KM7egQ-k--PzIVnrH8IVV_4PUypA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.93.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-93-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame FB9F 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-SpxOqAb-b_KM7egQ-k--PzIVnrGMz43fLabofA&initiator=partner
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:13:28 GMT
Cache-Control
no-cache
X-TraceId
41335d51e63697a2aff1683bcc2cb5d2
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame FB9F 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-mKrNugb-b_KM7egQ-k--PzIVnrFHEcDCBzUUXg
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame FB9F 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-iJfcyQb-b_KM7egQ-k--PzIVnrGnIhdDhuAvmg
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.6.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-6-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
sync
criteo-partners.tremorhub.com/ Frame FB9F 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-2kB2hAb-b_KM7egQ-k--PzIVnrG8GBL49GHpyg
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:71a5:abfd:648d:2410 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 02 Jan 2024 14:13:28 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame FB9F 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-fHNdCAb-b_KM7egQ-k--PzIVnrHL7j43C1O36Q
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:13:28 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame FB9F 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-EacDfwb-b_KM7egQ-k--PzIVnrHBVPKXH9VzKA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:13:28 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:13:28 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame FB9F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-NVnRlQb-b_KM7egQ-k--PzIVnrGJIZtT-1bK3g&pn_id=criteo&ext=1
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.105.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-105-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
content-length
0
setuid
ib.adnxs.com/ Frame 5AB3 		43 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-HMNbQQb-b_KM7egQ-k--PzIVnrFG3pK9ZMtx_w
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
an-x-request-uuid
f538d196-2c32-4ce7-9d48-5b7614ad5c96
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.76; 45.141.152.76; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/ Frame FB9F 		43 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-HMNbQQb-b_KM7egQ-k--PzIVnrFG3pK9ZMtx_w
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
an-x-request-uuid
dd10f13e-15fa-41a5-b0f4-b7b25e2367c8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.76; 45.141.152.76; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58301/ Frame 5AB3 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-q0fZjwb-b_KM7egQ-k--PzIVnrGO0r0hd2wLLw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/58301/ Frame FB9F 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-q0fZjwb-b_KM7egQ-k--PzIVnrGO0r0hd2wLLw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch.gif
beacon.krxd.net/ Frame 5AB3
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XsZHyliKydcwlEFxJRXpVSvnciC_xQV3
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XsZHyliKydcwlEFxJRXpVSvnciC_xQV3
Protocol
H2
Server
34.250.78.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-78-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n004-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=41 t=1704204808
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XsZHyliKydcwlEFxJRXpVSvnciC_xQV3
date
Tue, 02 Jan 2024 14:13:27 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1071287
content-length
0
usermatch.gif
beacon.krxd.net/ Frame FB9F
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=M_QItZYCjORyEcGQZMpksBntAj8vi_Mr
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=M_QItZYCjORyEcGQZMpksBntAj8vi_Mr
Protocol
H2
Server
34.250.78.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-78-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n008-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=22 t=1704204808
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=M_QItZYCjORyEcGQZMpksBntAj8vi_Mr
date
Tue, 02 Jan 2024 14:13:27 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
729559
content-length
0
graphql
www.paypal.com/targeting/ Frame E3EC 		435 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3a6d32510414316b67ac39bceb49575f8045621ba1eef7bb962e9096867a5d42
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-j7/BdsDGJh/olsd6Q5/LO0flWOfwTSAE1/GiSTF46YliWArK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
disable-set-cookie
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-j7/BdsDGJh/olsd6Q5/LO0flWOfwTSAE1/GiSTF46YliWArK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f861113e7acc2
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230056-FRA, cache-fra-eddf8230056-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f861113e7acc2-d4c81ecb9b1030d5-01
x-timer
S1704204809.607535,VS0,VE241
etag
W/"1b3-WBqTcHV4EbgT/iHxN4mUHhf6jnc"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
payframe
pay.google.com/gp/p/ui/ Frame F843 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
367a739d76c10478e59fb5c1e6e0f8576b06244917b3547e4bd5a4f561c77097
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hSMXxUeEbl6imriZZh_3Wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-hSMXxUeEbl6imriZZh_3Wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 02 Jan 2024 14:13:28 GMT
expires
Tue, 02 Jan 2024 14:13:28 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,disable-set-cookie
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,disable-set-cookie
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 02 Jan 2024 14:13:28 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f32858618ae63
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f32858618ae63-740d631d3f6b2304-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
x-timer
S1704204808.407107,VS0,VE184
6
m.stripe.com/ Frame 8DB4 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.100.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-100-182.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
bd6bc2f4766cf440a7ee57a1063bc686d2c963315c78b7f880f234beabd137bd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808664409
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204808663917
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame 8DB4 		156 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.100.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-100-182.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
bd6bc2f4766cf440a7ee57a1063bc686d2c963315c78b7f880f234beabd137bd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808714367
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204808714104
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808705166
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808704823
access-control-allow-credentials
true
content-length
0
hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
js.stripe.com/v3/ Frame 2A14 		70 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
54
cache-control
max-age=60
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self'; style-src 'self'; worker-src https://newassets.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:12:36 GMT
etag
W/"078b5f9fb44d244a9ec072f93a216630"
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-amz-cf-id
e77qCc2JMdrshQgdmAO-El8D2mZpaiJIzJw6V8aUm4WP1PaGpw0iSg==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
b
r.stripe.com/ Frame 4BA8 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808713070
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204808712808
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808713736
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204808713457
access-control-allow-credentials
true
content-length
0
csp-report
q.stripe.com/ Frame 2A14 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808729440
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808729052
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 2A14 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808730244
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808729960
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 2A14 		0
714 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808730410
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204808730104
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 2A14 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:12:49 GMT
via
1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
S6boSRJUe_9YSAi_BNxfYKsmHpGmqdcnbq3arjY1vV9gyrbVsSFqkg==
HCaptchaInvisible.html
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame E115 		419 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=6c371f68-68db-460a-8fbc-84ba56e9cff3&origin=https%3A%2F%2Fjs.stripe.com
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:3200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
19
cache-control
max-age=60
content-length
419
content-security-policy
base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:13:19 GMT
etag
"f2595495e2e037e4030e4508b2132de6"
last-modified
Wed, 20 Dec 2023 10:13:46 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding,Origin
via
1.1 e854bbca657208a759bb2d8d135f9d78.cloudfront.net (CloudFront)
x-amz-cf-id
U5P1pGxHYd27_PBWyiPC58DJcalMhdceIJfb0U_kNCnJhzABxbGUrA==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame F843 		159 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:20:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57423
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 13:07:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 17:20:42 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame F843 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
unip
trc-events.taboola.com/1335104/log/3/ 		0
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1335104/log/3/unip?en=pre_d_eng_tb&tos=1587&scd=0&ssd=1&est=1704204807108&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1704204808694&vi=1704204807106&ri=088fc6b05749656a606a9c057798dcaa&sd=v2_82a9358b1bd4bb29d3c9fc0c4ae75823_32eb6905-d9ba-416e-911b-4a63a85a1c49-tuctc8d9f87_1704204807_1704204807_CIi3jgYQwL5RGMLXltTMMSABKAEwODib4wlAgooQSMzd3ANQ____________AVgAYABol9TM2v-Z45zBAXAB&ui=32eb6905-d9ba-416e-911b-4a63a85a1c49-tuctc8d9f87&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0003%2CC0001%2CC0002%2CC0004%2C
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.marchofdimes.org
pragma
no-cache
date
Tue, 02 Jan 2024 14:13:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
api.js
hcaptcha.com/1/ Frame E115 		326 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=6c371f68-68db-460a-8fbc-84ba56e9cff3&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 42feecb57a2a4d3ece0a33f7c279b80a.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age
0
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
etag
W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
cf-ray
83f39a56af51373d-FRA
x-amz-cf-id
FytbI4qW4_5lSTO7R24BAH_A0P3Cg9OqqXt0Id7bZkQWLZDP61bhPw==
vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame E115 		114 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=6c371f68-68db-460a-8fbc-84ba56e9cff3&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:3200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=6c371f68-68db-460a-8fbc-84ba56e9cff3&origin=https%3A%2F%2Fjs.stripe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 13:42:32 GMT
via
1.1 e854bbca657208a759bb2d8d135f9d78.cloudfront.net (CloudFront)
age
1880
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Wed, 20 Dec 2023 10:13:46 GMT
server
Cloudfront
etag
W/"bee965892c4aac937bcf9539ea1cdb95"
vary
Accept-Encoding,Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, public
timing-allow-origin
*
x-amz-cf-id
Yegs326aPdOZIzXgMb896XFNNtOCMYce9SU8LIZiFKlbROyYEEUe5g==
HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame E115 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=6c371f68-68db-460a-8fbc-84ba56e9cff3&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:3200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=6c371f68-68db-460a-8fbc-84ba56e9cff3&origin=https%3A%2F%2Fjs.stripe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 13:28:24 GMT
via
1.1 e854bbca657208a759bb2d8d135f9d78.cloudfront.net (CloudFront)
age
2735
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Wed, 20 Dec 2023 10:13:46 GMT
server
Cloudfront
etag
W/"b8e83aaf649bb3940fb65537c506c37a"
vary
Accept-Encoding,Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, public
timing-allow-origin
*
x-amz-cf-id
DaUzGYMzCKXwE8T_GqwSAt3BDIrJHF0BtoNlL1VRqdWac02SuaLB0A==
csp-report
q.stripe.com/ Frame E115 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://b.stripecdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204808808403
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1704204808808074
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame F843 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 05:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27264
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 05:00:23 GMT
pay
pay.google.com/gp/p/ui/ Frame F843 		1 MB
376 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
988bde890e8c2cf9ca82762c4c050784e2d991ea915e2975eb87387520cd12e1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gx3kt4sCD-s7GAwqDr_YkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-gx3kt4sCD-s7GAwqDr_YkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 02 Jan 2024 14:13:28 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame F843 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 04:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3732
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 04:01:18 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame F843 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 04:48:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14260
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 04:48:06 GMT
log
play.google.com/ Frame F843 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:13:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:13:28 GMT
expires
Tue, 02 Jan 2024 14:13:28 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F843 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:13:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:13:28 GMT
expires
Tue, 02 Jan 2024 14:13:28 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F843 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:13:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:13:28 GMT
expires
Tue, 02 Jan 2024 14:13:28 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F843 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:13:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:13:28 GMT
expires
Tue, 02 Jan 2024 14:13:28 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F843 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:13:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:13:28 GMT
expires
Tue, 02 Jan 2024 14:13:28 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F843 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:13:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:13:28 GMT
expires
Tue, 02 Jan 2024 14:13:28 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/3b797c3/static/ Frame 553A 		2 KB
1014 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=sr2esco6vmn
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e03fc0ba3252318f3c219890efdc2ae119947e00b51667452e164e21d67a4ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://b.stripecdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
625512
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
83f39a571fce373d-FRA
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:13:28 GMT
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 42feecb57a2a4d3ece0a33f7c279b80a.cloudfront.net (CloudFront)
x-amz-cf-id
gFBQaEfvG_7VF04Ua0xzyrA9izzVjLGL0WSvH-ig_Gp4k_xQw4N4CQ==
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
zqmRvj.5H3xz3glqyfc6p0MpeMIvCHe2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808887071
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204808886898
access-control-allow-credentials
true
content-length
0
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/3b797c3/ Frame 553A 		326 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=sr2esco6vmn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=sr2esco6vmn
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 42feecb57a2a4d3ece0a33f7c279b80a.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age
625483
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
etag
W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
83f39a573800373d-FRA
x-amz-cf-id
FytbI4qW4_5lSTO7R24BAH_A0P3Cg9OqqXt0Id7bZkQWLZDP61bhPw==
b
r.stripe.com/ Frame 8AFC 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808942612
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204808942261
access-control-allow-credentials
true
content-length
0
checksiteconfig
api2.hcaptcha.com/ Frame 553A 		719 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.hcaptcha.com/checksiteconfig?v=3b797c3&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cce92b2179736d73b066138961f8f33ff0039291f05146c1047d0b276d7b006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
83f39a579881373d-FRA
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc
h3=":443"; ma=86400
b
r.stripe.com/ Frame 8AFC 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:28 GMT
x-stripe-server-envoy-start-time-us
1704204808963203
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204808962717
access-control-allow-credentials
true
content-length
0
hsw.js
newassets.hcaptcha.com/c/2458d9b/ Frame 553A 		499 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/c/2458d9b/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=sr2esco6vmn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
1JhSB37kavMYpA6c5WxU_Q.zUc_dI7mQ
age
481987
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:59:11 GMT
server
cloudflare
etag
W/"9d671418ff661c7370b4e3530ac92335"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
83f39a57ce3c9000-FRA
x-amz-cf-id
Wrsibzo0DKxk6WozQEMVsXg1ycpq4eJPTI8cFnlISI_DVdmBorqSag==
463b917e-e264-403f-ad34-34af0ee10294
api.hcaptcha.com/getcaptcha/ Frame 553A 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bbc99a6b0a7d923015cdc3e9d371e6ffb39b52923943ad6e4bd15ef3deda290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:13:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
83f39a58ea8f373d-FRA
alt-svc
h3=":443"; ma=86400
tb
fndrsp-checkout.net/ 		2 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:13:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okRKQ55PjBrLeRrE9z550eN44FeX1iVYOsMqdiDUo5V%2FoddC5CwPwTp2HFVzw3jYrDV%2BIpFINM1Z8JhECb21VWyBP%2B0PdF3sznasOUj4HRWxC0SsYrpnb7%2BiZJMj8vEotSZk7Sp%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39a594ca9b7ae-AMS
alt-svc
h3=":443"; ma=86400
b
r.stripe.com/ Frame 63E9 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:29 GMT
x-stripe-server-envoy-start-time-us
1704204809286613
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204809286189
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 4BA8 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:13:30 GMT
x-stripe-server-envoy-start-time-us
1704204810364846
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204810364456
access-control-allow-credentials
true
content-length
0
unip
trc-events.taboola.com/1335104/log/3/ 		0
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1335104/log/3/unip?en=pre_d_eng_tb&tos=4588&scd=0&ssd=1&est=1704204807108&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1704204811696&vi=1704204807106&ri=088fc6b05749656a606a9c057798dcaa&sd=v2_82a9358b1bd4bb29d3c9fc0c4ae75823_32eb6905-d9ba-416e-911b-4a63a85a1c49-tuctc8d9f87_1704204807_1704204807_CIi3jgYQwL5RGMLXltTMMSABKAEwODib4wlAgooQSMzd3ANQ____________AVgAYABol9TM2v-Z45zBAXAB&ui=32eb6905-d9ba-416e-911b-4a63a85a1c49-tuctc8d9f87&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0003%2CC0001%2CC0002%2CC0004%2C
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.marchofdimes.org
pragma
no-cache
date
Tue, 02 Jan 2024 14:13:31 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724z8894218235&_p=1704204806879&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=110285396.1704204807&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1704204807&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=Fundraise%20Up%20Checkout%20Open&ep.CampaignID=FUNHQNAJCAL&ep.CampaignCode=GGGGENWB2200CG0012G6DNW&ep.CampaignName=Default%20Donate%20Now&ep.IsLivemode=true&_et=454&tfd=7159
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:13:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ Frame 9AD9 		176 B
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-19.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:00 GMT
via
1.1 c56940b696de15630f45de7e4da7bb32.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
106
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
176
last-modified
Thu, 21 Dec 2023 18:13:43 GMT
server
Cloudfront
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
TgEr-bC4TngVnEBf3NsPdcMlTrWgGO47ognMebZKo4PoJuVDrOvRjw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.adsafety.net
URL
https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=9021619587798447779

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| documentPictureInPicture object| __cfQR object| __cfBeacon object| OneTrustStub function| OptanonWrapper function| FundraiseUp string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| drupalSettings object| Drupal object| webpackChunkgesso object| Donation5Reminder function| formatCurrency function| format2 function| checkEditCalculationPageExists object| gsapVersions boolean| __cfRLUnblockHandlers object| Optanon object| OneTrust object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __tfa_pixel_init object| _tfa string| _linkedin_data_partner_id object| _qevents function| obApi function| fbq function| _fbq object| resonateAnalytics number| randomNumber object| scriptTag object| insertionNode string| conversionTag string| TiktokAnalyticsObject object| ttq object| _adftrack object| funEmbed object| FUN_SERVICE_CONTAINER object| FUN object| FUN_ELEMENT_KEYS boolean| FUN_IS_MALFORMED_ENV function| ttd_dom_ready function| TTDUniversalPixelApi function| gtag function| UET function| UET_init function| UET_push object| gaplugins object| gaGlobal object| gaData function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| webpackChunk_fundraiseup_checkout object| ueto_52c5e09131 object| uetq function| onYouTubeIframeAPIReady function| lintrk boolean| _already_called_lintrk function| quantserve function| __qc object| ezt object| _qoptions object| google_optimize function| AdelphicUniversalPixel function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc function| stcc object| GooglebQhCsO object| funElementsApi function| omrhp object| Adform object| KJUR object| adf object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| setImmediate function| clearImmediate object| __SENTRY__ object| webpackChunkStripeJSouter function| noop function| Stripe function| apiObj object| ORIBILI object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant string| dynamicGpayButtonVariant object| google

90 Cookies

Domain/Path Name / Value
.taboola.com/truenorth-marchofdimes-sc/ Name: taboola_session_id
Value: v2_82a9358b1bd4bb29d3c9fc0c4ae75823_32eb6905-d9ba-416e-911b-4a63a85a1c49-tuctc8d9f87_1704204807_1704204807_CIi3jgYQwL5RGMLXltTMMSABKAEwODib4wlAgooQSMzd3ANQ____________AVgAYABol9TM2v-Z45zBAXAB
.www.marchofdimes.org/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Jan+02+2024+15%3A13%3A26+GMT%2B0100+(Central+European+Standard+Time)&version=202309.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=abfb4059-afad-4226-aaf5-0f86321121e8&interactionCount=0&landingPath=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ__Kktj0cGReCzpM4Xdci68Z8mBL3eN3rZ5GAJirmR-4GJa5RPl_5O9YNh5ifUjdE1eWy-Z7g_HL1yZ0Eyk6yUQK5pMUauYLFkL2n2w&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1
.marchofdimes.org/ Name: _gcl_au
Value: 1.1.1938801499.1704204807
.marchofdimes.org/ Name: fundraiseup_stat
Value:
.marchofdimes.org/ Name: fundraiseup_cid
Value: 17042048070353050180
.doubleclick.net/ Name: APC
Value: AfxxVi5-TZaHCB9KVd5q2E7asM5dyyq6yxWCyUEzpjTHEb_Db8iusw
.marchofdimes.org/ Name: _gid
Value: GA1.2.861030391.1704204807
.marchofdimes.org/ Name: _gat_UA-219864-60
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkZai9rif0i-lA-HxA9e8IPddISbEaG1pPfc7JMMmcJBzOD-cUmqveA3k7gocQ
.marchofdimes.org/ Name: _uetsid
Value: 190a49a0a97911eeb94be77a41386c64
.marchofdimes.org/ Name: _uetvid
Value: 190a67d0a97911ee86d7f3d3d4f4f16e
.taboola.com/ Name: t_gid
Value: 32eb6905-d9ba-416e-911b-4a63a85a1c49-tuctc8d9f87
.taboola.com/ Name: t_pt_gid
Value: 32eb6905-d9ba-416e-911b-4a63a85a1c49-tuctc8d9f87
.marchofdimes.org/ Name: _ga
Value: GA1.1.110285396.1704204807
.tiktok.com/ Name: _ttp
Value: 2aP0G4jmZv570JdbvL74xjKFQdA
.bing.com/ Name: MUID
Value: 1615EDDA1E7060391DD0FE201F7061C1
.marchofdimes.org/ Name: _fbp
Value: fb.1.1704204807313.455058338
.quantserve.com/ Name: mc
Value: 65941a07-4ffc4-2b3da-daea9
.marchofdimes.org/ Name: __qca
Value: P0-1661369522-1704204807196
.marchofdimes.org/ Name: _tt_enable_cookie
Value: 1
.marchofdimes.org/ Name: _ttp
Value: --NObncGypBn7ubpCQo8ZhOUHiH
.marchofdimes.org/ Name: fundraiseup_func
Value: {%22t%22:%22.marchofdimes.org%22%2C%22s%22:%221704204807043%22%2C%22sp%22:1%2C%22x%22:%2210%22}
.linkedin.com/ Name: li_sugr
Value: 6c9d74b9-368b-4bd0-9574-c8c935c0fe63
.linkedin.com/ Name: bcookie
Value: "v=2&b6fa5f4e-961f-4934-837d-0418a1b98d53"
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2822:u=1:x=1:i=1704204807:t=1704291207:v=2:sig=AQF4HsYj7zMStKcIDygLJNtOL5-iKqjO"
.acuityplatform.com/ Name: auid
Value: 871904405026
.adnxs.com/ Name: uuid2
Value: 6791097123189565003
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-500872fa-7a65-5561-5ceb-1d8da5d38911.dCDef%2BBh3%2FFaoJfR%2FdZ5vAbkCAD1fmGrn1KQHuBE9AQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-500872fa-7a65-5561-5ceb-1d8da5d38911.dCDef%2BBh3%2FFaoJfR%2FdZ5vAbkCAD1fmGrn1KQHuBE9AQ
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUAhy-nplVWFc6x2NpdOJES2NmEw.ytXOL4kuXrYxtzLPLOrElrhOG1OIVtS%2BxyJQ0lmoSKQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUAhy-nplVWFc6x2NpdOJES2NmEw.ytXOL4kuXrYxtzLPLOrElrhOG1OIVtS%2BxyJQ0lmoSKQ
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICi_UwGIV8YzPpAr0X0RxUo3DmFNfR8Wg5_GsAhNtTb1EHwYBCCHtNCsBjABOgT90vuTQgQDhqox.RmSH0Aj3LJ3iqF1EBflLHGkgQoZvksE3MWglOFlzrBg
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICi_UwGIV8YzPpAr0X0RxUo3DmFNfR8Wg5_GsAhNtTb1EHwYBCCHtNCsBjABOgT90vuTQgQDhqox.RmSH0Aj3LJ3iqF1EBflLHGkgQoZvksE3MWglOFlzrBg
.adform.net/ Name: C
Value: 1
.adform.net/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: fc29cee2-65d8-4ea6-a62f-e549d227da3a
.marchofdimes.org/ Name: _ga_0DRBVSJJB1
Value: GS1.1.1704204807.1.0.1704204807.0.0.0
.bing.com/ Name: MSPTC
Value: AhGyiFWM6QrmgGFwHpMCjPwVRP65wlR7tnY-z9Kja90
.adform.net/ Name: uid
Value: 9021619587798447779
.adform.net/ Name: CM
Value: 1|1
.linkedin.com/ Name: UserMatchHistory
Value: AQJsSqKpkNdsHwAAAYzKha3dgXVr3ibph-9Amw0AbkbnSBfLFBK-7rkHijWkH1nmzIDUaTRJGB99qA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJqtZIlFctx3QAAAYzKha3d9ZbTlxQNjjIlUXdJpQYSvKL1qdNn_9jCp0T13nxTybLxcWjF-H66CmIVw9F1QA
.ipredictive.com/ Name: cu
Value: 1c98c337-0d65-4163-9d35-9e0a2ee5cadc|1704204807693
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDQyMDQ4MDc7MjswMjFQfw9eaQdV/o3u1C3niPb/dn7EDW7WGgTcYVy7wn2a+A==
.www.linkedin.com/ Name: bscookie
Value: "v=1&202401021413279c5c2b58-aeb7-4e06-8ffa-013beeee087fAQGnLu1VGMqVtHQeekm6xTRBwOvLyd2k"
.adform.net/ Name: CM14
Value: 1704291207_1704204807_1_Hu7u4e4e4R7u4e4REREeEREREQ
www.marchofdimes.org/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1704204807969%7D
.seadform.net/ Name: uid
Value: 9021619587798447779
.eyeota.net/ Name: SERVERID
Value: 20357~DM
.casalemedia.com/ Name: CMID
Value: ZZQaCGpXFA92JVAi1zFqRgAA
.casalemedia.com/ Name: CMPS
Value: 1164
.casalemedia.com/ Name: CMPRO
Value: 1164
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 9021619587798447779
.ads.stickyadstv.com/ Name: UID
Value: 111b9ceafb9e02d3731a235a9e6374c
.exelator.com/ Name: EE
Value: "ac20135c17b4d35374a4a4fb21c6e1f2"
.semasio.net/ Name: SEUNCY
Value: 3E1E700B7C70BB13
.krxd.net/ Name: _kuid_
Value: QAwLvnEe
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSEx2cjA0Ng02dA8ySTF2NTY3CQRCNOSjAyTzVIN04wWl6UWLVhaWpyaknRoSUVOSU7T6rL4UMd4N0dfT5%252FIZc4ZRfm5qSvAQmGuQYsNjQyW5Bdlpi9ycV1clJLGsKik%252BFTwsVRnAJWkKeQ%253D"
.adfarm1.adition.com/ Name: UserID1
Value: 7319503916052904087
.w55c.net/ Name: wfivefivec
Value: g0c21uF31RkFwk5
.w55c.net/ Name: matchadform
Value: 5
.demdex.net/ Name: demdex
Value: 07137639159710534292821716892233515511
.audrte.com/ Name: arcki2
Value: bchmmYhIvAfT1WDtljQSV3w1w!20220908!1704204808240!ip#45.141.152.76
.audrte.com/ Name: arcki2_adform
Value: 9021619587798447779!20220908!1704204808240
.dpm.demdex.net/ Name: dpm
Value: 07137639159710534292821716892233515511
.audrte.com/ Name: arcki2_ddp2
Value: bchmmYhIvAfT1WDtljQSV3w1w!20220908!1704204808296
.bluekai.com/ Name: bku
Value: aG/999QSksUJoUyR
.bluekai.com/ Name: bkpa
Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwEAy1MWt1EANmezlmEQ6BezlBpAe9JTjYaR=
.weborama.fr/ Name: AFFICHE_W
Value: NO5nqiw@MxU069
.agkn.com/ Name: ab
Value: 0001%3A1rCbkwp%2BXZ4c%2BArLSJi5%2FYtRu%2F%2FeqkGb
.adnxs.com/ Name: anj
Value: dTM7k!M40<D>6NRF']wIg2Hc'Ddpg`!A#Ej.TOKIDnQ502A6X?N[_]tXw#eFa`jToQ5A9W))VylD4Ea2O=`@IP9R>>:ckMX^Cy4<D%8H-b]T*nG6qSo`b]P8U#S6-Siny(N`b6XHg6FJ6H@h`9Rkfl9RrTq.>bXz
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-1Lgd4Qb-b_KM7egQ-k--PzIVnrFTiW96xj2AoA%22%2C%22version%22%3A%22criteo%22%7D
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%2219ca7660-a979-11ee-b42b-7377328e8969%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2219ca7660-a979-11ee-b42b-7377328e8969%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%2219ca7660-a979-11ee-b42b-7377328e8969%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2219ca7660-a979-11ee-b42b-7377328e8969%22%2C%22version%22%3A%22eu-v1%22%7D
.google.com/ Name: NID
Value: 511=nq_EBSxnKqMT8WtNvY2ex8ekC-9Qfb4k9MHBH4GR2COwgMnUbzFd5Kzp1sB1Viq7wVeZnl-FR7-Bv_ROafJvtfUMeqs2VVBYG5BKisP4H4twKvsNywIYyi0RLy8A3Pt7CAouVDqB_uGwUx9lQ6ImbDrzgsAIX_XJnQgnkZhA1EY
.omnitagjs.com/ Name: ayl_visitor
Value: ed6ac611a0dd850502aa14c121c51b60
.www.marchofdimes.org/ Name: __stripe_mid
Value: a0326fcb-1918-4ed9-976c-62ce69c78004d50c80
.www.marchofdimes.org/ Name: __stripe_sid
Value: 921d320f-926c-47fe-87ec-a1472d3f553306a38e
m.stripe.com/ Name: m
Value: 2a0e63e3-8c0f-4cb3-8d14-96542541ef1a55aae1
.media.net/ Name: data-c-ts
Value: 1704204808
.media.net/ Name: data-c
Value: k-rLIdpwb-b_KM7egQ-k--PzIVnrFl2G9q4Of8gw~~3
.tremorhub.com/ Name: tv_UICR
Value: k-2kB2hAb-b_KM7egQ-k--PzIVnrG8GBL49GHpyg
.tremorhub.com/ Name: tvid
Value: a53a828396c64b8b96d55b1a13b11004
.media.net/ Name: visitor-id
Value: 3472064083740858000V10
.postrelease.com/ Name: opt_out
Value: 1
api2.hcaptcha.com/ Name: __cflb
Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRCn8yQqrEGTPb
api.hcaptcha.com/ Name: hmt_id
Value: 35278b1d-7511-496f-9783-7fbb65a27259

16 Console Messages

Source Level URL
Text
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=871948834737?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=871948834737?(Line 142)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Message:
Allow attribute will take precedence over 'allowpaymentrequest'.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://idsync.rlcdn.com/398366.gif?partner_uid=9021619587798447779
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9021619587798447779/gdpr=/gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html#debugMode=false&parentOrigin=https%3A%2F%2Fwww.marchofdimes.org(Line 2)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='), or a nonce ('nonce-...') is required to enable inline execution.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-bJllDBUUdZRtgBeZn0kap9QbNbpIQbmnE9m/sWuOPfQ=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8832015.fls.doubleclick.net
a.audrte.com
a.twiago.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.ipredictive.com
ad.yieldlab.net
ads.stickyadstv.com
adservice.google.com
adservice.google.de
amplify.outbrain.com
analytics.tiktok.com
api.adrtx.net
api.fundraiseup.com
api.hcaptcha.com
api2.hcaptcha.com
b.stripecdn.com
bat.bing.com
beacon.krxd.net
c1.adform.net
cdn.cookielaw.org
cdn.fundraiseup.com
cdn.resonate.com
cdn.taboola.com
cm.adform.net
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dynamic.criteo.com
e.acuityplatform.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
exchange.mediavine.com
fndrsp-checkout.net
fndrsp.net
fonts.googleapis.com
give.marchofdimes.org
global.ib-ibi.com
go.marchofdimes.org
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hcaptcha.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
insight.adsrvr.org
jadserve.postrelease.com
js.adsrvr.org
js.ipredictive.com
js.stripe.com
load77.exelator.com
loadm.exelator.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.contentexchange.me
match.sharethrough.com
matching.ivitrack.com
merchant-ui-api.stripe.com
mug.criteo.com
newassets.hcaptcha.com
pagead2.googlesyndication.com
pay.google.com
pdw-adf.userreport.com
pixel.quantserve.com
pixel.rubiconproject.com
play.google.com
pm.w55c.net
ps.eyeota.net
px.adentifi.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.casalemedia.com
r.stripe.com
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
secure.quantserve.com
sentry.fundraiseup.com
simage2.pubmatic.com
snap.licdn.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.fundraiseup.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.outbrain.com
sync.teads.tv
t.paypal.com
tags.bluekai.com
tags.srv.stackadapt.com
token.rubiconproject.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
ucarecdn.com
uipglob.semasio.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
wave.outbrain.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.marchofdimes.org
www.paypal.com
www.paypalobjects.com
x.bidswitch.net
cm.adsafety.net
104.17.73.206
104.18.12.242
104.18.36.155
104.19.218.90
104.19.219.90
104.26.4.251
104.26.5.251
108.129.21.249
108.157.1.118
13.107.42.14
141.226.228.48
141.95.98.65
142.250.181.230
142.250.185.162
142.250.186.98
151.101.1.21
151.101.129.44
151.101.193.35
154.59.122.94
178.250.1.9
18.154.63.19
18.154.63.81
18.193.153.136
18.196.116.41
18.211.93.14
18.66.248.63
185.167.164.43
185.64.191.210
188.114.97.3
192.229.221.25
198.137.150.201
2.23.197.190
2.23.209.49
2001:4860:4802:34::36
2001:4860:4802:36::178
216.46.185.183
216.58.206.38
217.182.178.234
23.213.165.149
23.213.165.82
23.32.185.35
23.48.23.145
2600:1f18:612b:4264:71a5:abfd:648d:2410
2600:9000:211e:d600:1b:5138:8a40:93a1
2600:9000:224a:6e00:6:44e3:f8c0:93a1
2600:9000:224a:7a00:19:7d10:bd80:93a1
2600:9000:243d:3200:b:1d09:f200:93a1
2606:4700:10::ac43:a5a
2606:4700::6810:3865
2606:4700::6812:83ec
2607:ae80:4::25
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
2a00:1450:4013:c04::5c
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:3500:11::215:14dc
2a02:26f0:3500:16::215:1484
2a02:6ea0:c700::21
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.121.27.153
3.65.6.17
3.69.92.105
3.71.149.231
34.117.157.22
34.213.100.182
34.250.183.118
34.250.78.204
34.98.64.218
35.157.42.67
35.190.24.218
35.244.174.68
35.71.131.137
37.157.4.28
37.157.4.29
37.157.5.133
37.157.6.236
37.252.171.149
37.252.171.21
40.160.4.235
46.19.11.36
52.30.133.211
52.57.164.72
52.58.128.62
52.86.238.173
52.92.20.216
54.186.23.98
54.187.159.182
54.216.105.108
54.216.96.95
54.217.36.38
54.78.254.47
64.202.112.127
69.173.144.139
69.173.144.165
72.44.44.12
74.119.119.150
76.223.111.18
77.243.51.121
85.114.159.118
85.215.5.31
95.101.148.20
99.81.117.7
99.81.243.254
019696b175f8558a9f629b596b30b4715bf1219fbee3e3588dbacfb1582df84c
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0759fd6bed5370e4bc3c573dedceaeef9d7b64efc7343a10d0b147ac0b04ad53
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0818599f49812b1630d5ae86b4b4f5f722cdda7c78c3fa6761ae2b35baec56bf
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0bf7bc0004aeb0dc1b7bb23f128ac24f0302a776cd1950295bc6ffae6e990bf2
0ca696238070bc4174509b4b2acfc3103c38c49b3c135f0af24366ce16f281c2
116448ff3191f74560d6d91c76cebc18ec741564aa62d5c6f8bdf8f611e8a2b7
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
14da571158b9b3e44ffae6109bcba7f2e85fe5d13baaf6a60082edfe9483ba5a
16b59918ab6733c57a8a7a9d6a1968d29e79df70c67909ddf241e029d0c15230
183d1f7f458dfc35496d9eb446598b1b96658ab4dc316b23cea4cd7bfcd4c8ea
18b65fdc6da2826c107418e5c689078ff47b54e7f2fc690546c33dbd3b343125
1c2e62deea90ad8ea208037abde538d6100d5a3efce136c89e64a80c1b1c6b07
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10
1e165aced676a44dcfe63358d61c5de8b973540a500ec01e742ef190f2b2fd1d
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
218b91569ad8f0a5cf1aba89f3957966ecffb7b5852ca25b709bd8f887a00c90
225cd565a241fd2329d7fbdc32be0c9d94ac4692b5f9b507454604980a418c70
23098142daf44c1cb7d244684146fb6ecb0568274118ae3f62cef67034551ef2
24049fb41335d87d82a9faea10cf9aa2a0ef868037667b029d2953a940cdf67b
25c3a3c0aecc1c3cdb989b17c48a9a75970beb6343e0df0c2651ba5eb75c900a
26dd3e70c1aa731ac4c5a27ac65c200ceb2756eca0ae5862e8fab8b7d4985dd0
276867c5c3ce0b2f35e900e8e9c73fa7dc25a53802bb365f2d20642fd253f79c
279a1e64a58cb3af05f782d85d063507979f239d654067f06d7af12e1ef71438
2972ea87cd5c4adceba0baf8d735c0dae6512fd7bb276586f5ef9b707b2cde92
2a79623b8606d1583bada494ecdaac61b10440ba7a0da23185892f9d86f172dc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aa9b0ccf31fe34e187c3b09bec7e9d8fccdeb48a5b2223d9f80df2a8790a6af
2ac93c14f7863cc7b7df8e279a534c4940cae9a66ae48192761c6b7c5986eee2
2cce92b2179736d73b066138961f8f33ff0039291f05146c1047d0b276d7b006
2ceee682f306a64e8cf1b48d513f71a81dc852709cf2b36b3d9b3719fac0b0fa
2d414e5f00e69a14d9e552014d9f932df7c40b618b2904726170fb689ef8fe87
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
31c9ef99aae6896ff764e44f3cc121359d2a42dc49389a16a8b236f6e8aacfca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c2ce3fc3f9f303fb23219d570a67d0c55951c3f6c81b25e440ba6fb68e60d9
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
337738b644c1b01e37308c9026995b63c20387f9bc8f219cb99f72eb3b23f35c
34dd264e6c13ffad5936e8c03270caee4d5c75a223e4c83928d54cc9b29dcffb
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
367a739d76c10478e59fb5c1e6e0f8576b06244917b3547e4bd5a4f561c77097
368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2
377a6ada8b0adaf4e37c51a736bda1e6a66e2339322ce58193e81d5909ee2fb3
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3a06c60d0bdaeba9a685c6b98ec4108e8358606ae608bc2866b3873ba36e8be5
3a6d32510414316b67ac39bceb49575f8045621ba1eef7bb962e9096867a5d42
3de7a0f6d4d192cc931ffc60dcd9c41cf823614d8fe3264c7553611853a2dc52
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ed0a4e695771f9903b95ac84166dbb8b89a5f6ead020bdba7fccce3d082e2f8
3eeaf7446956d4f52db0d9d320988723bec23129315a8daedf665bab334d6b21
40329e4d71f52386b55c15b623c451ed029e45ebfcfe55f7798204270bd34c71
40f7997ff37aac676d939dbdb0d33f6381fc5b66de4e4c79240e6e9503b14c15
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
420a436e0e9e1c48a2f9ce50b59fdb2b805d0274cc20fa569fd1726c4dbf90e9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445268ca36d9f009a1828ef60e20574e55089d9a365f44185dbe8462a418b5df
4471ccb98d7627f19e1fd997e5562b4be936baf86b6597eb63330c6843fc59c1
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
47a019a4a25f09f59e801a8b3d77f63a3a975a4c763f8430defa7987e14d7d64
49a67c940b597e96c08904d9225c325462f2f4c3202986896702c2e4ed3676ef
49e6f18090a8c3b811e5d7d50a1cd9e83272f1ecbea95624373950070500a90d
4aa2fdddfcb25552a1713673a954bc864de1a7b22dc0ebe664fe8ddb6bcb21ee
4b57a6d97fc4340e01339086713fe15bc8c6bace25a8fa8b8682558c953c444a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc9b49ae6ec81de78cb07234ba748e5f186b819079eca3e7e82db4690641275
4c73ae3eda72c7eef8b13c75031180df1d81626dec2a68a846094d697fec3546
4d663da5e7f6fe773fda5fe642d04a71cd988f1132b343edb5be914d44a1f534
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7f6cd883b421b03d88891e93891fc89bd7e4cde0266009f72250f0092302aa
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
517aa5c6549c92ef5244d8e9df5d662310d50ca9419b12b9157e67ff640be3b8
51b763481c66149c1e0ed492bd468fed6357e0dd627d222d23f07d07ab57abed
52142e0671ba7294da28434e2a92636b8848c1fe284fe09543c4e8f7e4716d11
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55934d27fdb4a14ddc59cac40e940a9c8100acc76c156e9be5f3b9c0dff6569f
564997debc20f446a4f38720248e1dbaaaa15ee5e40de23c946a0af7aadc6b47
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494
5b17a420163b181948e21b8a69880c8f8098f369084006bfa920b62194ff3c81
5cc76e7f5b027b2566d97e2701af7b605a376c4a0487302d2634bbceb67eb349
5d8714d6910f2b68e63dd97927fe794ac4b78df4a848e0a4cce330a7d619f5ab
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fbdec47eb761902c4f7d14ccd5a3b97bbaca6a18d485482157fff7f97684d3d
5fda46ad6de82ed65908428f090ab3cb24da2b2ab22e3f19e2713e94eecdc907
6109a9264c6bb75eaf69d45fd3fc6f193794adac940245584a014c10d334dda5
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
642c3f67dbc0d646b7d2508b081e0a6040a7be94478f0cd6d2a6de21f5d11ed7
642d50bf95258a7181203326b05c08982dc5298ff21982594594a2ece141bed8
6432a66c7d8240059ca76b571620dd0f54b4d3a5dc05fccf8cff7c8304bc9493
66c945af4f5b5e6ef68d380bae05a25808d447ae9a4f0bf3ed83b20d12752ffd
67195d5af97892b1ab9fb5d5fe5e77c8f01895e254995833b4aeb702d12bb1ca
67babd89dd5d6e783cbe7ba05cb7d77c2c3ab7bb0b3ba87b185b391a21e8cc35
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69c942423058ca7c0d54a661d67cded9d06b9f030dd45e434bcc72cd150e7e92
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1dccb5a273ea2fadd2437f76d7e4b897e7c5f461f52c0b72cc7e74db13cca2
6cc4700b8677a899840ce32bc6c1b5d5405e5d7f2e14a338ed95e4fe40a2bb96
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e8c9891301f11c066f70e0850c6b4c34c70b63893a43733d52b997913455a56
6ec65ff8562887c03245269b73d1ebb60f6f619d9bad49c6ce2c956e7a0826f4
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7176a2935514018f4c12a99dccc108407f9f4bdd7c1be1a097cbec7a90fb7542
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92
76314e37179518eec515a6aaf17127f38b223a4a7b1ec0acd29c84e8dd566efd
794621ac41042c74a0b71317c5305be6bcd89a3401a0057854fc3ef2a5db9009
7a5d1a8956ee3f319edea53bf11ba07988f8c6a0b6204633cee6a41b4b216127
7ab9076f2aae769d76e16fc79b147c0cde926233d585fb3a184cc0b80f1c8433
7bbc99a6b0a7d923015cdc3e9d371e6ffb39b52923943ad6e4bd15ef3deda290
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
8166e6a7d3fe9fdc26b2f8a0bff105a647c884e550c57225b9cc660d0be6b278
81cde3f01b38120a310a1511896c42f68a46f83b6a5ea874ca447de65563cdc2
82fc02af46ba3ab5b7bc46bc74c979c125eb281b4482036d29ce292c4981ca06
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b21363e68e52f1ba52f2f292a183e39f00372c248ecfaf0c5c1fa671ff46a00
8c539677a5fa924b3f663fbe2026616c64bd4080701b43c04e6489f9d31ccb87
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dce33441363825a8fa61a81612d0f77705238bb6709329269593b63777a4bc3
8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d
8eeb23a1dcd42802d5d861556c6ae4848a05fd28cd22bb8ed884015b62eefd9e
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9516e1c23610840cf3f86fc18968a997a2af08e5f42e0093013f0836285d30bb
95769945bb2c659e11d188090b47e69323b50d8cd4f0e2c84fdb1a11594b52ea
95819f207a256af456417b5a31267ab69f0bd99cb0e1d82ee5696c6db751f229
988bde890e8c2cf9ca82762c4c050784e2d991ea915e2975eb87387520cd12e1
98b2231b86974817ee296cd79e82374ecaae68b096638100e4bdd0b0386a2997
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99efbd5bb0ba6e33c15483b4857717f271a05b11f637905e2a5079004170cb99
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
9f0e84423364abfd9e2fccdf384d965cdaf5f88947b48c6e3bc351c39bd3c835
9fb218a2b6a039eaf89cbd37cd1555bc0f0398efdffde33a410990feda30a3c6
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a602bbdd20348935d02aff5b710985675b9b01118d9b8c5de54df6655fede5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a25a6a4e9998707ab4dff5713e0150206403d814bb3963372e5db1fb555999e8
a664963b7c5a8f09710d18e3a44b741e7b9fb7691d7b4ba4481d77989d2fd932
a7b2ea1567418dfa760e5cde30e2a0e56bcf4f17c53e29b458b8eca41fbd9e08
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4
ae885067159b6a4c7f153446d01bd1e0405d0acd180089840397091758a42695
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20d59f253b64071fbf66fdb532ab7de85010449846016eb6697b131c3c33b0c
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
b410913850321efd333e39ddf1a5d49a433b29721126ec6d785f8f039e98bc32
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b596c15fc92d124e18473ffa1d9529ea88cf1918efa33f00447fee4113a68338
b5d9f772080af3ffd8a6d0c6ba29c219f5b2d0e85ca7d7dc26fd49d0d16f7752
b73c2239b5b0ae6e051cb135734dc2101aeaf9032dd6b2c29ce9679330fc0bd0
b81f50d6d819dd6d6aaf0cb6402329f0479c734ad2f0918eb9f8366b66f78c83
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
bb83ac4c1a72227dd5036318370e6523f7a06d0e9f791efb6f6fe34b22621ce5
bd6bc2f4766cf440a7ee57a1063bc686d2c963315c78b7f880f234beabd137bd
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
bf43c24568a7c7e1b15e9e7de353f3d702a7010cffcdc18be89d75cd987acd88
bff4e5a01e8dd93a69abd5a5531d53cd891f65134c552718134e0adeda2be295
c09f9bc171c32544001b130b5ed1f7f2e2b8c1ac817823452288bc678afc57e6
c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6
c0ee34fcf7db9c8bc2412f47c264d8de575c2d477198cabc635ba538ddcd77f0
c1f92dcc7494187b5787cabe4834de25f4502ff2aa4228956b919785118df04d
c3c193a2e64fe803deba1f8c52fbec46e6a2089c546d8b18dc1f9a56ec4ca692
c50703a9859028e070c5ba54517ac39c873fcfc5015907f5dac21c78648ccbdf
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f
c93ed8dfb7caea390d2193a55559b350b711974a5e0b4173b968573b6194dbc3
c963fd1212d60ca1c683bccb3c3ace830cdedc1dccf7256c112a9708f9e7cf88
cb48d9e8351750646223a61d5868a0eda7972e2ea278c69677577300810b0ad4
cb6f9e60e6bf41a5af731690552807e6e4ca7be8994fd8804b9cf15592d3ef5c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1802297dea21b3e6a860ccb64dac092312598f1743b8b6b9dd6c30adb4bfe45
d2d70ab946fae1486dabd3b40d7e8b4754fd37f1bfdafbddd6129ee6c46d98a1
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d3f7e24515a6e8e17332b556ae1a433f0b6e00cdaea90167be98c2734b0049a0
d4660c763169716a38ee1153d2cc4eca87ca421195d67bd89ea964b10bfbacac
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
db2fe02b994fdded9fe3acc3f595150e738f4a0c34d9a41e76a6627be26b5352
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9d8e18a3cec3afcf01338e9a26209eeb89e3d0eaf97f0d5298f039776ffc8a
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e03fc0ba3252318f3c219890efdc2ae119947e00b51667452e164e21d67a4ab1
e2717d806962fe1e4c9810ca869fb82c8bbd86638ca6787d01ff8c947c20df3c
e2a900b2a6524b9f6a640eddeda6e045bea4aff194c9203ea660e6db5743b69b
e30c033f4ed981b095b1f2313a46397ade450ba7224cac4334c9dba5896b4e51
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46de8ce43bbbc4282b65b9805f4f7c462f812ce23b615379b468beb09a989a7
e50d15896eb602b52225697467a0e13195cddd10423d86ccafc7598f8a6a6111
e7e7f216e2add2e5655784665bea48f8efed39c8be96c40782b3f0cf84df6bbf
e944de09b6e048d89b1dff57baf718b2ac1dc0d273e55560decb4c82cc828c8f
e9719b638317091bed0ab518c0ef99c5dbf1a3083d8b481673d376c47b3da124
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ee7c8ba95049e9595ee4c402407497e1adc2f7aab23a12867bec80b97757bb4f
eefe1e7d99ab4810bfb479ff54c275efb459b6ae9abfebfd221c4a518ead27d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ade3e5da5d485764a1d4ca2aa3f94f757b785195b04d391de88680adf76ea
f300f66c1304e23bfc15a23908129f0b10ff24c89f5a2727bc52735acda82d57
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
f55809ae21d5dcfb8a6e01596d12eb88c0630f7e0aeff4c285b981df7864aed5
f8cd06506717ca4b233b2fd62746d5a39c9230b4ea3c4bb56206edf928ed8d05
f8e7a944adcb9d32eaf4e2f6e85cb7d1f9029b74de22ad7ff2d46ef82b189c95
fc3a41aaf9de8dcdbb1aa7c552942868390ff131f4ae48acd79df9d5a7ff996f
fc680fbc98eb3c5f28221082a68d7965195badc857a7ffcea811bc9abaab411f