bgca.org Open in urlscan Pro
137.135.91.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.e.bgca.org/?qs=5ef42963fb86cad371996a242d328a6daa2a70e8f224a9a99376e62a0292db17f243eea288f99a0529b83cca4cfe...
Effective URL:
https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawki...
Submission: On April 12 via api (April 12th 2023, 6:49:44 pm UTC) from US — Scanned from DE

Summary HTTP 348 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 72 IPs in 10 countries across 61 domains to perform 348 HTTP transactions. The main IP is 137.135.91.176, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is bgca.org. The Cisco Umbrella rank of the primary domain is 498345.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 1st 2023. Valid for: a year.

This is the only time bgca.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.45.29 13.111.45.29	22606 (EXACT-7) (EXACT-7)
1 33	137.135.91.176 137.135.91.176	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
14	104.26.5.251 104.26.5.251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
8	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
3	172.64.129.3 172.64.129.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	54.88.204.97 54.88.204.97	14618 (AMAZON-AES) (AMAZON-AES)
10	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 6	2600:9000:211... 2600:9000:2113:f800:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
46	172.67.72.38 172.67.72.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:4600:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	52.32.105.92 52.32.105.92	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	18.164.52.121 18.164.52.121	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
55	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:c272:fe68:50ad:1ea	16509 (AMAZON-02) (AMAZON-02)
1	147.135.78.45 147.135.78.45	16276 (OVH) (OVH)
4	2606:4700::68... 2606:4700::6813:d383	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
40	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	35.167.148.162 35.167.148.162	16509 (AMAZON-02) (AMAZON-02)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 2	103.229.206.241 103.229.206.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	2a00:1450:400... 2a00:1450:400c:c02::5c	15169 (GOOGLE) (GOOGLE)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3 3	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	54.78.84.139 54.78.84.139	16509 (AMAZON-02) (AMAZON-02)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.185.209.202 18.185.209.202	16509 (AMAZON-02) (AMAZON-02)
2 3	37.157.5.141 37.157.5.141	198622 (ADFORM) (ADFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
1	2.16.238.146 2.16.238.146	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
8 9	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1 1	2600:9000:223... 2600:9000:223c:1000:d:b853:c880:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 2	3.127.96.147 3.127.96.147	16509 (AMAZON-02) (AMAZON-02)
1 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
1	2.19.224.115 2.19.224.115	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.194.16.253 34.194.16.253	14618 (AMAZON-AES) (AMAZON-AES)
1	52.51.47.150 52.51.47.150	16509 (AMAZON-02) (AMAZON-02)
2 2	34.238.211.149 34.238.211.149	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550f:b16d:e001:514:e364	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.247.20.4 34.247.20.4	16509 (AMAZON-02) (AMAZON-02)
1 2	52.50.220.58 52.50.220.58	16509 (AMAZON-02) (AMAZON-02)
1 1	3.67.140.136 3.67.140.136	16509 (AMAZON-02) (AMAZON-02)
1 1	18.185.199.79 18.185.199.79	16509 (AMAZON-02) (AMAZON-02)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
348	72

1 13.111.45.29 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.e.bgca.org

click.e.bgca.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 137.135.91.176 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bgca.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.26.5.251 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.129.3 (United States)

ASN13335 (CLOUDFLARENET, US)

fndrsp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.204.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-204-97.compute-1.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2113:f800:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 172.67.72.38 (United States)

ASN13335 (CLOUDFLARENET, US)

static.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4600:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.32.105.92 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-105-92.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.52.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-121.cdg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:c272:fe68:50ad:1ea (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.78.45 (United States)

ASN16276 (OVH, FR)

sentry.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:d383 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ucarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.167.148.162 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-148-162.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.206.241 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c02::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

fndrsp-checkout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.46 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.84.139 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-84-139.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.209.202 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-209-202.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.141 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.238.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-146.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 77.243.60.138 (Norresundby, Denmark) 8 redirects

ASN42697 (NETIC-AS, DK)

uip.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1000:d:b853:c880:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

redirect.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.96.147 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-96-147.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.224.115 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-115.deploy.static.akamaitechnologies.com

su.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.16.253 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-16-253.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.47.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-47-150.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.238.211.149 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-211-149.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550f:b16d:e001:514:e364 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.20.4 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-20-4.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.220.58 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-220-58.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.140.136 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-140-136.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.199.79 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-199-79.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
93	stripe.com js.stripe.com — Cisco Umbrella Rank: 1244 q.stripe.com — Cisco Umbrella Rank: 7928 Failed r.stripe.com — Cisco Umbrella Rank: 4840 m.stripe.com — Cisco Umbrella Rank: 1249	2 MB
61	fundraiseup.com cdn.fundraiseup.com — Cisco Umbrella Rank: 38183 static.fundraiseup.com — Cisco Umbrella Rank: 36015 api.fundraiseup.com — Cisco Umbrella Rank: 432547 sentry.fundraiseup.com — Cisco Umbrella Rank: 455014	1 MB
34	bgca.org 2 redirects click.e.bgca.org bgca.org — Cisco Umbrella Rank: 498345	1 MB
20	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4000 www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 3232 play.google.com — Cisco Umbrella Rank: 31	434 KB
12	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1107 sync.mathtag.com — Cisco Umbrella Rank: 507	10 KB
12	userway.org cdn.userway.org — Cisco Umbrella Rank: 4955 api.userway.org — Cisco Umbrella Rank: 4887	130 KB
9	semasio.net 8 redirects uip.semasio.net — Cisco Umbrella Rank: 21843 se.semasio.net — Cisco Umbrella Rank: 24020 uipglob.semasio.net — Cisco Umbrella Rank: 1290	5 KB
8	paypal.com www.paypal.com — Cisco Umbrella Rank: 2477 t.paypal.com — Cisco Umbrella Rank: 3199	84 KB
7	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2665 d.adroll.com — Cisco Umbrella Rank: 1345	22 KB
7	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	3 KB
7	gstatic.com fonts.gstatic.com maps.gstatic.com www.gstatic.com	154 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 maps.googleapis.com — Cisco Umbrella Rank: 409	213 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	66 KB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 1316	34 KB
4	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 5558	134 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 400 www.linkedin.com — Cisco Umbrella Rank: 579 px4.ads.linkedin.com — Cisco Umbrella Rank: 6196	5 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 407	13 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 594 i6.liadm.com — Cisco Umbrella Rank: 2475	2 KB
3	adform.net 2 redirects cm.adform.net — Cisco Umbrella Rank: 1297 track.adform.net — Cisco Umbrella Rank: 3522	1 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	3 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	234 B
3	google.de www.google.de — Cisco Umbrella Rank: 5216	669 B
3	fndrsp.net fndrsp.net — Cisco Umbrella Rank: 36583	1 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 512 d.agkn.com — Cisco Umbrella Rank: 694	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 215	2 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 805	840 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1554 beacon.krxd.net — Cisco Umbrella Rank: 611	501 B
2	smartclip.net 1 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 4324	865 B
2	adscale.de 1 redirects ih.adscale.de — Cisco Umbrella Rank: 2820	627 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 758	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 467	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 323	882 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 302	503 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 569	2 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 676	864 B
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2321	33 KB
2	ucarecdn.com ucarecdn.com — Cisco Umbrella Rank: 18126	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	137 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 677 script.hotjar.com — Cisco Umbrella Rank: 927	72 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	182 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 437	1 KB
1	addthis.com su.addthis.com — Cisco Umbrella Rank: 3036	95 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 1549	324 B
1	zeotap.com mwzeom.zeotap.com — Cisco Umbrella Rank: 2840	384 B
1	userreport.com 1 redirects redirect.userreport.com — Cisco Umbrella Rank: 861891	382 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 604	114 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 1025	311 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 655	699 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 981	535 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 403	98 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 544	459 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2519	273 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 999	555 B
1	fndrsp-checkout.net fndrsp-checkout.net — Cisco Umbrella Rank: 498684	509 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 340	239 B
1	azurewebsites.net lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 17783	1 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1000	373 B
1	xg4ken.com resources.xg4ken.com — Cisco Umbrella Rank: 5683	4 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 853	5 KB
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2675	755 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 756	30 KB
348	61

	Domain	Requested by
56	static.fundraiseup.com	bgca.org cdn.fundraiseup.com static.fundraiseup.com
51	js.stripe.com	static.fundraiseup.com js.stripe.com
39	r.stripe.com	js.stripe.com
33	bgca.org	1 redirects bgca.org
12	play.google.com	www.gstatic.com
10	pixel.mathtag.com	www.googletagmanager.com pixel.mathtag.com bgca.org
8	cdn.userway.org	bgca.org cdn.userway.org static.fundraiseup.com
6	www.paypal.com	static.fundraiseup.com www.paypal.com www.paypalobjects.com
6	s.adroll.com	2 redirects www.googletagmanager.com bgca.org s.adroll.com
6	www.google-analytics.com	www.googletagmanager.com bgca.org www.google-analytics.com
6	maps.googleapis.com	bgca.org maps.googleapis.com
4	se.semasio.net	4 redirects
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	static.fundraiseup.com pay.google.com bgca.org www.gstatic.com
4	cm.g.doubleclick.net	3 redirects bgca.org
4	m.stripe.network	js.stripe.com m.stripe.network
4	www.lightboxcdn.com	bgca.org www.lightboxcdn.com
4	api.userway.org	cdn.userway.org static.fundraiseup.com
4	bat.bing.com	www.googletagmanager.com bat.bing.com bgca.org
3	uip.semasio.net	2 redirects
3	ib.adnxs.com	3 redirects
3	www.facebook.com	bgca.org
3	www.google.de	bgca.org
3	api.fundraiseup.com	cdn.fundraiseup.com static.fundraiseup.com
3	fndrsp.net	cdn.fundraiseup.com
2	dpm.demdex.net	1 redirects
2	sync.crwdcntrl.net	1 redirects
2	i.liadm.com	2 redirects
2	ad.sxp.smartclip.net	1 redirects
2	ih.adscale.de	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	uipglob.semasio.net	2 redirects
2	track.adform.net	2 redirects
2	pixel.tapad.com	1 redirects
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ad.360yield.com	1 redirects
2	sync.mathtag.com	1 redirects
2	m.stripe.com	m.stripe.network
2	t.paypal.com	bgca.org
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	ucarecdn.com	bgca.org
2	maps.gstatic.com	bgca.org
2	www.google.com	bgca.org
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	bgca.org connect.facebook.net
2	www.googletagmanager.com	bgca.org www.googletagmanager.com
1	id5-sync.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	i6.liadm.com
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	su.addthis.com
1	loadm.exelator.com
1	mwzeom.zeotap.com
1	redirect.userreport.com	1 redirects
1	rtb-csync.smartadserver.com
1	ce.lijit.com
1	ads.stickyadstv.com
1	sync.go.sonobi.com
1	idsync.rlcdn.com
1	cm.adform.net
1	stags.bluekai.com
1	eu-u.openx.net
1	image2.pubmatic.com
1	fndrsp-checkout.net	cdn.fundraiseup.com
1	pixel.rubiconproject.com	bgca.org
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	q.stripe.com	bgca.org
1	sentry.fundraiseup.com	static.fundraiseup.com
1	d.adroll.com	s.adroll.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	bgca.org
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	resources.xg4ken.com	bgca.org
1	snap.licdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.fundraiseup.com	bgca.org
1	cdn.polyfill.io	bgca.org
1	code.jquery.com	bgca.org
1	fonts.googleapis.com	bgca.org
1	click.e.bgca.org	1 redirects
348	89

This site contains links to these domains. Also see Links.

Domain
www.bgca.org
bgcagift.org
bgca.careasy.org
facebook.com
twitter.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com
bgcaestore.org
visionlink.org
give.org
www.charitynavigator.org
mlb.mlb.com
www.microsoft.com

Subject Issuer	Validity	Valid
*.bgca.org DigiCert TLS RSA SHA256 2020 CA1	`2023-03-01` - `2024-03-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
fundraiseup.com Cloudflare Inc ECC CA-3	`2022-06-21` - `2023-06-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
1667503734.rsc.cdn77.org R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-23` - `2024-03-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2022-10-18` - `2023-11-19`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
api.userway.org Amazon RSA 2048 M02	`2023-02-09` - `2023-10-31`	9 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
sentry.fundraiseup.com R3	`2023-02-12` - `2023-05-13`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
ucarecdn.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 05	`2022-12-27` - `2023-12-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Frame ID: A7131DA4004A8B4882B47268B53FEDB1
Requests: 159 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=28076436-fd41-4d00-87b1-223d3c27a023&no_iframe=1&mt_adid=258122&source=mathtag
Frame ID: 39C07F6B48C29015FBCB751E115587C8
Requests: 36 HTTP requests in this frame

Frame: https://js.stripe.com/v3/
Frame ID: 429F7CCF506AA4AEF22F890A50A711C2
Requests: 16 HTTP requests in this frame

Frame: https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
Frame ID: AFCEB04A61B695C112B29583283DDB92
Requests: 1 HTTP requests in this frame

Frame: https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Frame ID: AE9E049C6CA712BC38C27884A1A20684
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html
Frame ID: 9A16F9569D3D1A4F94E5C2C1DFF8FC60
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 265116F5F36BBDFA1EB6D82F4D180F71
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: AC33131073D32294C9291F78B4281EA0
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html
Frame ID: 9CA95066D092980041970B2E4F530544
Requests: 37 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
Frame ID: D421199D59053C472D77A1678C6C7EF2
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
Frame ID: 70E269624CC4E99DBD51FC4F69CD7054
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
Frame ID: F542278C131FA48794BD8A0F512C3605
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html
Frame ID: 079D8CDCA29D3984AF3C4675B22738AB
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html
Frame ID: BC394FF63A86C511BA420FE66B66B327
Requests: 9 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: CE8167948BBAD6693EAEEA578331BC94
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbgca.org&mid=
Frame ID: 7CAB3F92259368E81C5BBABFA6AB3995
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 23DD697E4F059F41C8B8BC416EB07BCC
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 930043AB6AE800E5144B6FD0A56E4563
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ways To Givecloseclose

Page URL History Show full URLs

https://click.e.bgca.org/?qs=5ef42963fb86cad371996a242d328a6daa2a70e8f224a9a99376e62a0292db17f243eea2... HTTP 302
https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Lightbox (JavaScript Libraries) Expand

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

348
Requests

89 %
HTTPS

36 %
IPv6

61
Domains

89
Subdomains

72
IPs

10
Countries

5929 kB
Transfer

17869 kB
Size

97
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bgca.org/ways-to-give/donate-employer-matching?_ga=2.215771603.536335376.1639609351-1753206403.1639522746

Search URL Search Domain Scan URL

URL: https://www.bgca.org/ways-to-give/donate-stock

Search URL Search Domain Scan URL

URL: http://bgcagift.org/

Search URL Search Domain Scan URL

URL: https://www.bgca.org/get-involved/volunteer

Search URL Search Domain Scan URL

URL: https://www.bgca.org/get-involved/become-a-partner

Search URL Search Domain Scan URL

URL: https://bgca.careasy.org/home

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer/sharer.php?u=https%3A%2F%2Fbgca.org%2Fen%2Fways-to-give

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet/?text=Support%20Boys%20%26%20Girls%20Clubs%20of%20America%20because%20every%20kid%20deserves%20a%20Great%20Future.&url=https://bgca.org%2Fen%2Fways-to-give

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bgca.clubs
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bgca_clubs/

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/boys-&-girls-clubs-of-america

Search URL Search Domain Scan URL

URL: https://twitter.com/bgca_clubs
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/bgca
Title: YouTube

Search URL Search Domain Scan URL

URL: https://bgcaestore.org/
Title: Shop Our Store

Search URL Search Domain Scan URL

URL: http://visionlink.org/
Title: Vision Link

Search URL Search Domain Scan URL

URL: https://give.org/charity-reviews/national/Children-and-Youth/Boys-and-Girls-Clubs-of-America-in-Atlanta-ga-440

Search URL Search Domain Scan URL

URL: http://www.charitynavigator.org/index.cfm?bay=search.summary&orgid=3380

Search URL Search Domain Scan URL

URL: http://mlb.mlb.com/index.jsp

Search URL Search Domain Scan URL

URL: http://www.microsoft.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.e.bgca.org/?qs=5ef42963fb86cad371996a242d328a6daa2a70e8f224a9a99376e62a0292db17f243eea288f99a0529b83cca4cfe2ebb23fdfb257867ff89bcb828ee5d3edb33 HTTP 302
https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://bgca.org/null HTTP 302
https://bgca.org/404.html?item=%2fnull&user=extranet%5cAnonymous&site=website

Request Chain 74

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569681&time=1681325376103&url=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D569681%26time%3D1681325376103%26url%3Dhttps%253A%252F%252Fbgca.org%252Fways-to-give%253Fform%253DEmailDonor%2526amount%253D100%2526firstName%253DLorraine%2526lastName%253DDawkins%2526email%253Dlorraine.dawkins%2540ros.com%2526utm_source%253Didm_20230412_don%2526utm_campaign%253Didm_5kclub%2526utm_medium%253Demail%2526utm_content%253Ddonate-header%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569681&time=1681325376103&url=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=569681&time=1681325376103&url=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&liSync=true&e_ipv6=AQIf_SBt7exZkgAAAYd2zUTLZBSQRG5KRbN4yfk1QPFBbAVSOPN3Xsgg7NeiR6Hnv5VTeluvCul_LyM_PpMzC2jn16ce

Request Chain 87

https://s.adroll.com/j/exp/WASSXQUF4NDE7JKMEBXCLD/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 88

https://s.adroll.com/j/pre/WASSXQUF4NDE7JKMEBXCLD/AUYEXVHHYVAJFNWZWF27LK/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=KAdkNv1BTQCHsSI9PCegIw HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEMgq3j1FvgZ6b_18Pv1XfFU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=KAdkNv1BTQCHsSI9PCegIw

Request Chain 315

https://ib.adnxs.com/getuid?https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fmt_exid%3D13%26mt_mminit%3D1%26mt_exuid%3D%24UID HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=9182310181545180246

Request Chain 318

https://ad.360yield.com/match?publisher_dsp_id=5&external_user_id=28076436-fd41-4d00-87b1-223d3c27a023 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=28076436-fd41-4d00-87b1-223d3c27a023

Request Chain 319

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=28076436-fd41-4d00-87b1-223d3c27a023 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=28076436-fd41-4d00-87b1-223d3c27a023&C=1

Request Chain 320

https://ups.analytics.yahoo.com/ups/55938/sync?uid=28076436-fd41-4d00-87b1-223d3c27a023&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55938/sync?uid=28076436-fd41-4d00-87b1-223d3c27a023&_origin=1&verify=true

Request Chain 322

https://x.bidswitch.net/sync?dsp_id=80&user_id=28076436-fd41-4d00-87b1-223d3c27a023&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=28076436-fd41-4d00-87b1-223d3c27a023&expires=30 HTTP 302
https://cm.adform.net/pixel?adform_pid=3&adform_pc=981f0145-bd7c-4e4f-8dc7-8c7393e6a886&adform_v=1

Request Chain 325

https://cm.g.doubleclick.net/pixel?google_nid=mediamath_dmp&google_cm HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEPQlDeV0rVbVXlc5L51s5uU&google_cver=1

Request Chain 326

https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=28076436-fd41-4d00-87b1-223d3c27a023 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=28076436-fd41-4d00-87b1-223d3c27a023

Request Chain 331

https://uip.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=28076436-fd41-4d00-87b1-223d3c27a023&sInitiator=external HTTP 302
https://uip.semasio.net/mediamath/1/info2?sType=sync&sExtCookieId=28076436-fd41-4d00-87b1-223d3c27a023&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/14876172?sExtCookieId=28076436-fd41-4d00-87b1-223d3c27a023&sInitiator=external&gdpr= HTTP 302
https://track.adform.net/serving/cookie/match/?party=1008&gdpr= HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=1008&gdpr= HTTP 302
https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=859336912867273605&sInitiator=internal&gdpr= HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=859336912867273605&gdpr=&sInitiator=internal HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=9182310181545180246&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NjUyNERFNEY3N0RBRDhERQ&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESENUotNt8ZbbjHBBPLB8lTw8&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESENUotNt8ZbbjHBBPLB8lTw8&sInitiator=internal&google_cver=1&gdpr= HTTP 302
https://redirect.userreport.com/cs/1/6524DE4F77DAD8DE HTTP 301
https://uip.semasio.net/userreport/1/info

Request Chain 332

https://sync.search.spotxchange.com/partner?adv_id=6653&uid=28076436-fd41-4d00-87b1-223d3c27a023 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6653&uid=28076436-fd41-4d00-87b1-223d3c27a023&__user_check__=1&sync_id=c7a6c94f-d962-11ed-8cb9-155da6fd0106

Request Chain 336

https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=28076436-fd41-4d00-87b1-223d3c27a023 HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=28076436-fd41-4d00-87b1-223d3c27a023&nut&uu=f526829f89db41fe92855119cb9f3ae8

Request Chain 337

https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=28076436-fd41-4d00-87b1-223d3c27a023 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=28076436-fd41-4d00-87b1-223d3c27a023&ang_testid=1

Request Chain 339

https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath

Request Chain 340

https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=28076436-fd41-4d00-87b1-223d3c27a023 HTTP 303
https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=28076436-fd41-4d00-87b1-223d3c27a023&_li_chk=true&previous_uuid=70fd50a8fb1d45dcaa17bee9f669a769 HTTP 303
https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=28076436-fd41-4d00-87b1-223d3c27a023

Request Chain 341

https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=28076436-fd41-4d00-87b1-223d3c27a023 HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=28076436-fd41-4d00-87b1-223d3c27a023&ct=y

Request Chain 342

https://dpm.demdex.net/ibs:dpid=269&dpuuid=28076436-fd41-4d00-87b1-223d3c27a023 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=28076436-fd41-4d00-87b1-223d3c27a023

Request Chain 343

https://aa.agkn.com/adscores/g.pixel?sid=9211132948&mt=28076436-fd41-4d00-87b1-223d3c27a023 HTTP 302
https://d.agkn.com/pixel/10751/?che=1681325379897&ip=217.64.151.5&l1=https%3A%2F%2Fpixel.mathtag.com%2Fsync%2Fimg%2F%3Fmt_exid%3D10009%26mt_exuid%3D HTTP 302
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=

348 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request ways-to-give Show response
bgca.org/
Redirect Chain

https://click.e.bgca.org/?qs=5ef42963fb86cad371996a242d328a6daa2a70e8f224a9a99376e62a0292db17f243eea288f99a0529b83cca4cfe2ebb23fdfb257867ff89bcb828ee5d3edb33
https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_...

75 KB
18 KB

766ms
530ms

Document
text/html

137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3348ea72862a663c65a62dcaf540bde68f8fba140f2ccd1df4d8b9efc0ed0bab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 17634
Content-Type: text/html; charset=utf-8
Date: Wed, 12 Apr 2023 18:49:34 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 367
Content-Type: text/html; charset=utf-8
Date: Wed, 12 Apr 2023 18:49:32 GMT
Location: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:normal,300,600,700,800

Requested by

Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0842843d1561f03fb7029eee70ecebdd203acb8c9679c1cbeb6b889bf53fe89d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 18:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 18:49:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 18:49:34 GMT

GET
H/1.1 200
OK style.css
bgca.org/assets/css/ 36 KB
6 KB 181ms
95ms Stylesheet
text/css 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bgca.org/assets/css/style.css
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cc656953415eb31288d7b4c9a72b21054cea9b5c51f5b96e9482ab8055b19e4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Mar 2023 21:50:55 GMT
Server: Microsoft-IIS/10.0
ETag: "8095d625158d91:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 5674

GET
H/1.1 200
OK common.css
bgca.org/assets/css/ 309 KB
25 KB 274ms
92ms Stylesheet
text/css 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bgca.org/assets/css/common.css
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9d2a1016a1ac98f47e2e73c0f2e5503583a1fb74402c757bb1cf63d0bd302375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Mar 2023 21:50:54 GMT
Server: Microsoft-IIS/10.0
ETag: "073c4615158d91:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 25803

GET
H/1.1 200
OK site.css
bgca.org/assets/css/ 2 KB
1 KB 284ms
97ms Stylesheet
text/css 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bgca.org/assets/css/site.css
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 14bf6d6aec8ee5b71710e2bedf5d7133be0e811709aaa27428a127da3a51ab99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Mar 2023 21:50:55 GMT
Server: Microsoft-IIS/10.0
ETag: "bac283625158d91:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 755

GET
H/1.1 200
OK programs.css
bgca.org/assets/css/ 4 KB
1006 B 278ms
92ms Stylesheet
text/css 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bgca.org/assets/css/programs.css
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9650c73362d0583a5ab76de10f5186a02b9e321d79612a52d14c2b49daaf8afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Mar 2023 21:50:55 GMT
Server: Microsoft-IIS/10.0
ETag: "8095d625158d91:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 704

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 37ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://bgca.org/
Origin: https://bgca.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:34 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15283"
vary: Accept-Encoding
x-hw: 1681325374.dop236.fr8.t,1681325374.cds126.fr8.hn,1681325374.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H/1.1 200
OK bgca_logo.ashx
bgca.org/-/media/ 11 KB
11 KB 665ms
661ms Image
image/svg+xml 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/bgca_logo.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 12fad3da27b3d9948b6d8ce4f304269296e6811b901ceaaadc560435f82e48ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:35 GMT
Last-Modified: Tue, 06 Nov 2018 17:06:11 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="bgca_logo.svg"
Accept-Ranges: bytes
Content-Length: 11164

GET
H/1.1 200
OK BGCA-NavDrop-Img-AboutUs.ashx
bgca.org/-/media/Images/Site-Images/Navigation/ 20 KB
21 KB 164ms
160ms Image
image/jpeg 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/Site-Images/Navigation/BGCA-NavDrop-Img-AboutUs.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 798ca8b044e8abd17236fa074c9ac96b3107a06421f7078fd96f8361dd13ad5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Last-Modified: Thu, 02 Feb 2017 20:55:14 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="BGCA-NavDrop-Img-AboutUs.jpg"
Accept-Ranges: bytes
Content-Length: 20939

GET
H/1.1 200
OK BGCA-NavDrop-Img-GetInvolved.ashx
bgca.org/-/media/Images/Site-Images/Navigation/ 21 KB
22 KB 545ms
148ms Image
image/jpeg 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/Site-Images/Navigation/BGCA-NavDrop-Img-GetInvolved.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9909bcd8b5fa2b50742367b64a90fecff8b25b63af257d9845f015fa7c6ad3ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Last-Modified: Thu, 02 Feb 2017 20:55:16 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="BGCA-NavDrop-Img-GetInvolved.jpg"
Accept-Ranges: bytes
Content-Length: 21776

GET
H/1.1 200
OK BGCA-NavDrop-Img-Programs.ashx
bgca.org/-/media/Images/Site-Images/Navigation/ 20 KB
20 KB 3466ms
3465ms Image
image/jpeg 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/Site-Images/Navigation/BGCA-NavDrop-Img-Programs.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 20b8a74f24c52c8c65547e59b12f7913df7b1679683f844aae9a5e801de9e60a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:38 GMT
Last-Modified: Thu, 02 Feb 2017 20:55:19 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="BGCA-NavDrop-Img-Programs.jpg"
Accept-Ranges: bytes
Content-Length: 20478

GET
H/1.1 200
OK BGCA-NavDrop-Img-KidsInNeed.ashx
bgca.org/-/media/Images/Site-Images/Navigation/ 17 KB
18 KB 121ms
121ms Image
image/jpeg 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/Site-Images/Navigation/BGCA-NavDrop-Img-KidsInNeed.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3ea0d0c42c649dfd7d637e5aaedede51c820ca48a6e89c9ab54dd4b0aa75a5d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:35 GMT
Last-Modified: Thu, 02 Feb 2017 20:55:18 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="BGCA-NavDrop-Img-KidsInNeed.jpg"
Accept-Ranges: bytes
Content-Length: 17786

GET
H/1.1 200
OK Video_WIT_Graduate.ashx
bgca.org/-/media/Images/AboutUs/ 100 KB
100 KB 184ms
110ms Image
image/jpeg 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/AboutUs/Video_WIT_Graduate.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 15a461156d5255ece146f2e37a7cc4e3b136d882a571b9a52b2e94c08d397282

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Last-Modified: Tue, 11 Jun 2019 14:54:30 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="Video_WIT_Graduate.jpg"
Accept-Ranges: bytes
Content-Length: 102063

GET
H/1.1 200
OK WTG_MIC-Columbus-8770_767x511.ashx
bgca.org/-/media/Images/WaysToGive/2022/ 84 KB
85 KB 378ms
121ms Image
image/jpeg 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/WaysToGive/2022/WTG_MIC-Columbus-8770_767x511.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1dc92901552250491ba8056b1681d80e3fe9222b5709f883b82e5539f54d7b21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Last-Modified: Thu, 30 Jun 2022 16:58:44 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="WTG_MIC-Columbus-8770_767x511.jpg"
Accept-Ranges: bytes
Content-Length: 86490

GET
H/1.1 200
OK CYOFundraiser_Card.ashx
bgca.org/-/media/Images/WaysToGive/ 46 KB
47 KB 276ms
116ms Image
image/png 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/WaysToGive/CYOFundraiser_Card.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a6790e55c5fd96d34a44a8aeabde02fbfca7fe82f8d4d4afe24d510e77e4ad1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Last-Modified: Fri, 17 Dec 2021 18:40:10 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="CYOFundraiser_Card.png"
Accept-Ranges: bytes
Content-Length: 47312

GET
H/1.1 200
OK EmployerMatching_Card.ashx
bgca.org/-/media/Images/WaysToGive/ 42 KB
42 KB 783ms
638ms Image
image/png 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/WaysToGive/EmployerMatching_Card.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9051a9e9317137b0f6b40af4502717a6ab3cb2fb0073f689bbfb7393aea74df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:35 GMT
Last-Modified: Fri, 17 Dec 2021 18:39:56 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="EmployerMatching_Card.png"
Accept-Ranges: bytes
Content-Length: 42814

GET
H/1.1 200
OK StockGift_Card.ashx
bgca.org/-/media/Images/WaysToGive/ 32 KB
33 KB 443ms
113ms Image
image/png 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/WaysToGive/StockGift_Card.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 0fab0327dac3172b38b41a2d89e319adee7f823e35ec8c089ee3f1619200a403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Last-Modified: Fri, 17 Dec 2021 18:39:22 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="StockGift_Card.png"
Accept-Ranges: bytes
Content-Length: 33191

GET
H/1.1 200
OK PlannedGiving_Card.ashx
bgca.org/-/media/Images/WaysToGive/ 34 KB
35 KB 329ms
103ms Image
image/png 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/WaysToGive/PlannedGiving_Card.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1f5f88e302553dd32837163f3ea0295663dd25a954b5d8e4f4c60a59b15c2538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Last-Modified: Fri, 17 Dec 2021 18:39:36 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="PlannedGiving_Card.png"
Accept-Ranges: bytes
Content-Length: 35201

GET
H/1.1 200
OK BGCAImage3280_325x217.ashx
bgca.org/-/media/Images/GetInvolved/ 24 KB
24 KB 1111ms
835ms Image
image/jpeg 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/GetInvolved/BGCAImage3280_325x217.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: db1e6f29aaa1a966de25e65c81d869db453dd47ce0be0c6d5fa4f0ee44df707d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:35 GMT
Last-Modified: Mon, 20 Mar 2017 18:26:16 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="BGCAImage3280_325x217.jpg"
Accept-Ranges: bytes
Content-Length: 24284

GET
H/1.1 200
OK MoreWaysToGive_RoundUpChange_NEW.ashx
bgca.org/-/media/Images/WaysToGive/ 18 KB
18 KB 652ms
651ms Image
image/jpeg 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/WaysToGive/MoreWaysToGive_RoundUpChange_NEW.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1eb196ecfce8ea0d405fcac728fdf0d8b6a60ba442ea9a8b4e086f339deef989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:35 GMT
Last-Modified: Fri, 08 Feb 2019 23:45:18 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="MoreWaysToGive_RoundUpChange_NEW.jpg"
Accept-Ranges: bytes
Content-Length: 18018

GET
H/1.1 200
OK MoreWaysToGive_CorporatePartners_NEW.ashx
bgca.org/-/media/Images/WaysToGive/ 19 KB
20 KB 117ms
115ms Image
image/jpeg 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/WaysToGive/MoreWaysToGive_CorporatePartners_NEW.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b95b5de946b3a61f245008d6ccca4d7d182674ffe98222684b562727a4bb8c45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:35 GMT
Last-Modified: Fri, 08 Feb 2019 23:44:03 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="MoreWaysToGive_CorporatePartners_NEW.jpg"
Accept-Ranges: bytes
Content-Length: 19617

GET
H/1.1 200
OK MoreWaysToGive_DonateVehicle_NEW.ashx
bgca.org/-/media/Images/WaysToGive/ 24 KB
24 KB 156ms
156ms Image
image/jpeg 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/WaysToGive/MoreWaysToGive_DonateVehicle_NEW.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e59e298c05305797769c8afc96d790ba88e727807151b4859b06f117243d3a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:35 GMT
Last-Modified: Tue, 09 Feb 2021 20:37:04 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="MoreWaysToGive_DonateVehicle_NEW.jpg"
Accept-Ranges: bytes
Content-Length: 24247

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 321 KB
100 KB 627ms
47ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KH58QX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a15898211c31c6e0d1cdf0793d6835a49df6f05f95266dbb12243f199d577f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101522
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Apr 2023 18:49:35 GMT

GET
H/1.1 200
OK StickyShare_Facebook.ashx
bgca.org/-/media/Images/Social-Media-Sharing/ 289 B
629 B 236ms
114ms Image
image/svg+xml 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/Social-Media-Sharing/StickyShare_Facebook.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6245d11d6830aa20d922f455491e1886e785045acfcb54cbe84734a63eed01e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:35 GMT
Last-Modified: Mon, 13 Mar 2017 04:15:56 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="StickyShare_Facebook.svg"
Accept-Ranges: bytes
Content-Length: 289

GET
H/1.1 200
OK StickyShare_Twitter.ashx
bgca.org/-/media/Images/Social-Media-Sharing/ 564 B
903 B 2212ms
1919ms Image
image/svg+xml 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/Social-Media-Sharing/StickyShare_Twitter.ashx
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 54c90f7c5b7eaaf96553687a93d3a900c1259d61282078a1c976ebf20d302a85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:37 GMT
Last-Modified: Mon, 13 Mar 2017 04:16:05 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="StickyShare_Twitter.svg"
Accept-Ranges: bytes
Content-Length: 564

GET
H/1.1 200
OK StickyShare_Mail_GFGold.ashx
bgca.org/-/media/Images/Social-Media-Sharing/ 881 B
1 KB 2707ms
2470ms Image
image/svg+xml 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/Social-Media-Sharing/StickyShare_Mail_GFGold.ashx?h=50&w=50&hash=AB75E301A331598D1525B81B2CC5894C
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 2f7cf331c60a8ef5c82170a275908144ce7404e77a3f7a37b37d7121611d1e71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:38 GMT
Last-Modified: Mon, 27 Jan 2020 18:24:36 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="StickyShare_Mail_GFGold.svg"
Accept-Ranges: bytes
Content-Length: 881

GET
H/1.1 200
OK bgca_logo_GFSH_80.ashx
bgca.org/-/media/ 19 KB
19 KB 135ms
134ms Image
image/svg+xml 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/bgca_logo_GFSH_80.ashx?h=79&w=364&hash=81BAA8E239196EAFEBA908D3DE78DD2F
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6e8eac29420bfd7ebf4daafe835d7e4c386ec88ec7031a0c442d4f6ed186463c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:35 GMT
Last-Modified: Tue, 20 Sep 2022 14:15:17 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="bgca_logo_GFSH_80.svg"
Accept-Ranges: bytes
Content-Length: 19267

GET
H/1.1 200
OK Logo_BBBCharity.ashx
bgca.org/-/media/Images/Sponsors/ 8 KB
8 KB 913ms
912ms Image
image/png 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/Sponsors/Logo_BBBCharity.ashx?h=48&w=90&hash=A5F0D1BD106BBFAF40CDD8B9E1E66D4F
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f7c20cf0b1ce979ae7e6083bb8f354d23315532925a552612b7ad40daa0aecff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:37 GMT
Last-Modified: Sun, 01 Jan 2017 17:06:07 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="Logo_BBBCharity.png"
Accept-Ranges: bytes
Content-Length: 8251

GET
H/1.1 200
OK Logo_CharityNav.ashx
bgca.org/-/media/Images/Sponsors/ 7 KB
8 KB 949ms
948ms Image
image/png 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/Sponsors/Logo_CharityNav.ashx?h=48&w=90&hash=D9EAC6E1A10DDE1BDE7EF24D875519A6
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6ff49d262f4935789b68cfeed4a0a84df1ef7571615050f58a3f6dabcf1e8b77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:37 GMT
Last-Modified: Sun, 01 Jan 2017 17:05:51 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="Logo_CharityNav.png"
Accept-Ranges: bytes
Content-Length: 7558

GET
H/1.1 200
OK MLB_SponsorsLogo_75x40_largerFrame.ashx
bgca.org/-/media/Images/Sponsors/ 3 KB
4 KB 110ms
109ms Image
image/png 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/Sponsors/MLB_SponsorsLogo_75x40_largerFrame.ashx?h=48&w=90&hash=D9E85CB1130E80DFC91900301EC2CDCE
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 872bf83fc553470e90416b207bdacbb23c2117e62658df5b1b44d6403c276542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:37 GMT
Last-Modified: Tue, 05 Jan 2021 19:04:13 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="MLB_SponsorsLogo_75x40_largerFrame.png"
Accept-Ranges: bytes
Content-Length: 3298

GET
H/1.1 200
OK Logo_Microsoft.ashx
bgca.org/-/media/Images/Sponsors/ 3 KB
3 KB 108ms
108ms Image
image/png 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/-/media/Images/Sponsors/Logo_Microsoft.ashx?h=48&w=90&hash=F7A846272B5BCF625CAA43EC569BDEB1
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 40e6aba6bb0a9252648df2d53b3a1b5b66f51736323860eab807b9b7f927d15d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:37 GMT
Last-Modified: Sun, 01 Jan 2017 17:05:36 GMT
Server: Microsoft-IIS/10.0
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="Logo_Microsoft.png"
Accept-Ranges: bytes
Content-Length: 2810

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ 270 B
755 B 590ms
9ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js?features=Promise,Map,Set,Object.assign,Array.from

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be4d70b180bf284eaaa01ba78d6daab8782a277af2c537dcf2745ed3465d476

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:35 GMT
age: 1336864
detected-user-agent: Chrome/111.0.0
useragent_normaliser: chrome/111.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 213
referrer-policy: origin-when-cross-origin
last-modified: Sun, 05 Mar 2023 16:54:09 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/111.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK vendor.js Show response
bgca.org/assets/js/ 72 KB
18 KB 93ms
93ms Script
application/x-javascript 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bgca.org/assets/js/vendor.js
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6bf1a7bd0bbe3cace570ba9ec210d4a84435654e89b4b155471c7966fcef0715

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Jul 2020 03:01:39 GMT
Server: Microsoft-IIS/10.0
ETag: "80abe1178b59d61:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 18541

GET
H/1.1 200
OK common.js Show response
bgca.org/assets/js/ 503 KB
112 KB 101ms
97ms Script
application/x-javascript 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bgca.org/assets/js/common.js
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e14e48313f6052f54c6e014a7dca745d23d11bbca5dc3c2b4dd5690fe5857450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 22:06:57 GMT
Server: Microsoft-IIS/10.0
ETag: "805612cccb4ad81:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 114175

GET
H/1.1 200
OK programs.js Show response
bgca.org/assets/js/ 241 B
638 B 101ms
97ms Script
application/x-javascript 137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bgca.org/assets/js/programs.js
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4c2a704595ba3af2621390272beeae09245bf7dfbacaeb1bc9dcde21c6d3d8b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Jul 2020 03:01:38 GMT
Server: Microsoft-IIS/10.0
ETag: "815d85178b59d61:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 319

GET
H2 200 ALGMTNTC Show response
cdn.fundraiseup.com/widget/ 105 KB
37 KB 630ms
51ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fundraiseup.com/widget/ALGMTNTC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3365e8967b57d4ca75251668ed486b2e6fb3983caa149f133af34b989b1c78f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"544491697"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAqLAz%2Bu89gGDjORcq1tZcnxJDtNNVXXL9QxLZKnRvsL%2FFyFVch03PKd0ZN4ske%2BJavpGnm8uo867bNnEhL4Q7nCthDfb97%2Fs2QEDAxPc2oBmMuJ4f%2F9oV0ye%2B%2FusTmAA7CJuI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7b6da66eba6990fa-FRA
link: <https://static.fundraiseup.com/0515f3b0c7f7.elementsApi.js>; rel=preload; as=script, <https://static.fundraiseup.com/embed-data/elements-global/ALGMTNTC.js>; rel=preload; as=script, <https://static.fundraiseup.com/3.bc8a57badf9b.async-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/2.8c1096fccf89.elements-langs-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/0.d72ebbfeddab.elements-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout.772ea11015f52543226a.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-vendors.5c586ed2ad85a394f13d.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-styles.4b13e1a8f63b7e7bc0fa.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-sentry-vendor.a9560c5027d40f3d6a17.js>; rel=preload; as=script, <https://static.fundraiseup.com/sentry.d9965a2061342cf21286.js>; rel=preload; as=script
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 582ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:normal,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bgca.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 116311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:04 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 184 KB
61 KB 107ms
46ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCo7uupdVmkz1ugVpUubpOykPbWxpId3Rk&libraries=places

Requested by

Host: bgca.org
URL: https://bgca.org/assets/js/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

6ee81cdf4c23f8b478412d25e81e9e4dea778569811c431d8f4a2fb5e75c4682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62189
x-xss-protection: 0

GET
H/1.1

200
OK

404.html
bgca.org/
Redirect Chain

https://bgca.org/null
https://bgca.org/404.html?item=%2fnull&user=extranet%5cAnonymous&site=website

348 KB
348 KB

97ms
97ms

Image
text/html

137.135.91.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgca.org/404.html?item=%2fnull&user=extranet%5cAnonymous&site=website
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Server: 137.135.91.176 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:37 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Aug 2020 20:30:34 GMT
Server: Microsoft-IIS/10.0
ETag: "011809b4268d61:0"
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 188647

Redirect headers

Access-Control-Allow-Origin: *
Location: /404.html?item=%2fnull&user=extranet%5cAnonymous&site=website
Date: Wed, 12 Apr 2023 18:49:37 GMT
Server: Microsoft-IIS/10.0
Content-Length: 186
Content-Type: text/html; charset=utf-8

GET
H2 200 widget.js Show response
cdn.userway.org/ 1 KB
1 KB 53ms
12ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 991a9cb113797a6ac60741d28d56a5e6daf7e188e11cf4d3863e54d0bceede36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 12 Apr 2023 18:49:35 GMT
via: 1.1 95508d0aed3588037de00c6e5e9d2eba.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BUD50-C1
age: 121
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 2204
x-77-nzt: AcO1rgUCGIv/nAgAAA
x-accel-expires: @1681326771
last-modified: Thu, 06 Apr 2023 14:07:00 GMT
server: CDN77-Turbo
etag: W/"143901be3b231699b5b8a736ff895bf2"
x-77-nzt-ray: 25b02131b1fabd013ffd366457d08334
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: g4zT8tLiDaXzUQLWurYSwM0C53bIXMuLL_gbwIclSZJ_Tk_6GmCx2A==

GET
H2 200 0515f3b0c7f7.elementsApi.js Show response
static.fundraiseup.com/ 121 KB
38 KB 28ms
20ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/0515f3b0c7f7.elementsApi.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0519550f325eca62edfe45307432d9f1d605be50c4e1c0c22efc3ad80eb829f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: W9K6BACDGT3KFVZB
age: 13202
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Jzfd7ORB/9AJ5HO53bTejHNpsePfyVntjkyiUMPnqHqkx43OEKit7CGceP5cHYjjwEN9kXpGPJY=
last-modified: Wed, 12 Apr 2023 14:57:09 GMT
server: cloudflare
etag: W/"c4e5acba06b4363767e8d8f399e0b555"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22Lt2IqDvlxRR9rh2AIWHUgewfBe7btrRl5kDLlaib39V0jX%2FdAXMQC2%2BlB3Ad0%2FkN2bjakOQ30HKqz3ymBWJYunA18pmtaK2kMNqXYTw8rGLCJl7qKZk9DwNZmwJmdXhV3KA1b3%2Bqk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da66f2ae190fa-FRA

GET
H2 200 ALGMTNTC.js Show response
static.fundraiseup.com/embed-data/elements-global/ 4 KB
2 KB 37ms
29ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/embed-data/elements-global/ALGMTNTC.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0762cd74165ef3a33018c9c79b5ee29dda63ea894d90da2e7b16003018f0fa4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: E6BERC10ATDR356D
age: 60
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xWABnr/rtN0T975nx1xiAbEEQXm6Z+0bifR4fK/e9byOo6Dz/NyolzG1aTDjoCFc82GjI2a2+rY=
last-modified: Wed, 12 Apr 2023 18:46:21 GMT
server: cloudflare
etag: W/"5301e652033633f7fcd04be2c3210390"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQ%2BSdd3TmrPUbaQ%2FsjwhRwifyLTVBvhletNRXQe7tKIUFTihGuQhEfH548guU6GVTYWRGlULdgjRbukXKkKuujeNIy6p32W2qsNZ9CH8cqiI6IZhoenxb8YzoSnc2EDyJwWSE2ZsJIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 7b6da66f2ae290fa-FRA

GET
H2 200 3.bc8a57badf9b.async-vendors.js Show response
static.fundraiseup.com/ 102 KB
37 KB 29ms
21ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3.bc8a57badf9b.async-vendors.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df8944bf0e8d9596e393a10db0408637c20c4a38f59e3d08c10c643a26795576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 852NXHRTNPMGDJ2F
age: 634622
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: yQsp/7D5pOEzUrngykiFgzGBGJM04CoHeHnVaYJM0fV61L4lb3zGtiYEyf+CneYdO/hK0i4e2do=
last-modified: Wed, 05 Apr 2023 10:19:16 GMT
server: cloudflare
etag: W/"9bf2c8717e7d5caae05df8bcf575ff0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHb4bUZ4OzIsO5hMdo4RAMaAwf2I12Qo2MdIYip51N7tgTR%2B6n0xfOJvKYFFGpCdM9YVz826BwddqAvksRLEpsKec%2FHIu%2B3TmcpyLZIhhg8Ib%2Fft9Hx3mdPABHdkgEt4ec4tdx50Q7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da66f2ae390fa-FRA

GET
H2 200 2.8c1096fccf89.elements-langs-vendors.js Show response
static.fundraiseup.com/ 278 KB
51 KB 36ms
28ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2.8c1096fccf89.elements-langs-vendors.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

065d26617564050e204f98c5987d4c8cfa8e81f7d54b07a96e73c5f6706f7528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XYZEWR5TDDXA7Q43
age: 31577
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: W1ZOZACD3FAc9+8CielgKKqAwawPVqyrZ6CTW26V/ClqBPjzJ9bIi+dw3Zz5aCCt+4rwVwB3ScQ=
last-modified: Wed, 12 Apr 2023 09:51:11 GMT
server: cloudflare
etag: W/"7f33f8f9707a04a9483daf13c3cfb9c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NozAfqCXokGQDF1ipAs7sYhlROGMBwYULPz2%2Bf6YSpcwON9%2FHjGvvpJQxD2FKYrirqRqf263RfKPSBLe5cC4ab1rwTgy%2BKz2L7iyo2WTPQ%2FzBjSxv9xc51Y35h0MhuQjxseOrIZ8Ds%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da66f2aea90fa-FRA

GET
H2 200 0.d72ebbfeddab.elements-vendors.js Show response
static.fundraiseup.com/ 65 KB
17 KB 35ms
28ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/0.d72ebbfeddab.elements-vendors.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07ba9a74a6c7ca4c17d697156e8ed01d49de7ce21e369b28323daa6e7d17ac3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XYZ5R06NEH8QA47S
age: 31577
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: c1LyOB0gLm3g37aw0lVeICninobaDYeDHcwMLwar4cj3fHnaBNHLbFJ83smik83eukerk0aVUXo=
last-modified: Wed, 12 Apr 2023 09:51:08 GMT
server: cloudflare
etag: W/"af69a3354b4ac6b295b853f151dcd574"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2O81pbIN%2B54WiKhr8HJKfIBsiWM54NczCtxhC2t5u3WC1UAjBEFLuoVt77O7J0zzhPBT94KwNqUMf8elE%2FVlnPdCXGp5toKioLY2k4dwnLRidWRbGj4TQNPoYowtkRNseaMrIfXxmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da66f2aec90fa-FRA

GET
H2 200 checkout.772ea11015f52543226a.js Show response
static.fundraiseup.com/ 686 KB
154 KB 38ms
30ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6035e43b5da22b1551c7d63d93aba85fa822bb0126d6a04c837e87a2faaafc76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: W9K4ETGC2RVZDP54
age: 13202
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: RaZft071WTjZ5Dtygj1ztuFh3a5ZC9PTZlr3Jkrl9plbCPJuTv+Qmy0sD7dyWlOC2dgX/rEjqdA=
last-modified: Wed, 12 Apr 2023 14:57:23 GMT
server: cloudflare
etag: W/"01a32fcf293748cf2a217b906977fb4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcq2m4AfyzHpqpM2cqoADX%2Bh07Zf5gxSPfto8vOlPMlJc%2BLf1lrhmY%2B55KBgtsiFfflVrm%2FnOtE95wMsY1N%2FpZhcBQRJEOWoiusbUnEWG%2Fdq69cWp%2BLIEPDb5SdXGf8UHsb%2FNY9Vvw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da66f2aeb90fa-FRA

GET
H2 200 checkout-vendors.5c586ed2ad85a394f13d.js Show response
static.fundraiseup.com/ 473 KB
148 KB 43ms
35ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-vendors.5c586ed2ad85a394f13d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64ea44ee4a3c27180a39a3c722198b69c28708474c792d759a6f3a0ee7a5e14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZKF8M0ETFGF46XED
age: 2277438
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Zdm/kx7D4LTP7Git+XrCzP96kuZpYo2k94J4ws7TrdRuxOx6mziF7o/cxkGEmpmqUJA+3unReVs=
last-modified: Fri, 17 Mar 2023 10:00:28 GMT
server: cloudflare
etag: W/"9b782abfcb62bea5aa42e293e33640a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uW8LyTWhtbNhaFDFpO8ybZYTDjq0KGmjbEvbTbndy%2F%2Bdj3li10HZhAR7sA5kUDrJx6bolMRFWo5uneR9mJwpJhB%2B%2Fr5MKvDwpmv1WU9potAYUtnpuyxYzyMOZ%2FzM%2BKxDjVRz5VflmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da66f2ae990fa-FRA

GET
H2 200 checkout-styles.4b13e1a8f63b7e7bc0fa.js Show response
static.fundraiseup.com/ 278 KB
27 KB 35ms
28ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-styles.4b13e1a8f63b7e7bc0fa.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c2c06cfdd3c10175167819de5d010f4759b9088bbdade30e7c1eaa2c6afcbf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: W9K2WZZFT2NNSX5H
age: 13202
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: y+X1VgoacWsOOPBLCTxN1OcFNXsXkAuTYAc6roYiwCr5nG6JZRdEyk9s+aj57gvAEq4n2ErrDes=
last-modified: Wed, 12 Apr 2023 14:57:23 GMT
server: cloudflare
etag: W/"0fb9cdde19af76784ba19c56dde3d6bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hs0pwyv0VRb%2FcI0bAGijhDt%2FH4%2FPdbeRcYJyGzop9JgYrDx2UvJSS4WQqDzTXzTKdeDWpG3YkgIl3Wvo5ZJFriRzerWHKNGnL6rpdKcf3Lr1GXYl9Ou3UflwjW%2FykvCXC52CT7nkMoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da66f2ae690fa-FRA

GET
H2 200 checkout-sentry-vendor.a9560c5027d40f3d6a17.js Show response
static.fundraiseup.com/ 13 KB
5 KB 26ms
19ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-sentry-vendor.a9560c5027d40f3d6a17.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2421b5ca61a41cc4c97e3ee6eb225bc1afce257760423873298c0a146fa9f873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YNB2M4FRF4ZHAVXM
age: 118288
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: oQXZhbq+zshLP96kLhhP1H2dkaORwn9WKaj7QojzF8IPRFd0/5aImpM4+odkeqRKkWXEXIdLmZU=
last-modified: Tue, 11 Apr 2023 09:46:22 GMT
server: cloudflare
etag: W/"86a9f7ca0c7934edd38854db9d036e36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqN5lQd1x1oIvhuMh1Qu%2Fk2HYwGWEgKRtXV4p%2BkV5xE%2BTRAXib1ZLcbf3ik6B4kS2I9IJgi5qTc5OHQ%2FqQeut0suSGKp%2BIuVD91W%2FZm%2FIf9pnV5qy6444NDjwBr7aVDtn8K%2BqK5A1UE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da66f2ae890fa-FRA

GET
H2 200 sentry.d9965a2061342cf21286.js Show response
static.fundraiseup.com/ 2 KB
2 KB 24ms
18ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/sentry.d9965a2061342cf21286.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbaaba78357d4ed64648de8c0b4d969a5422ec1a384a382fdf82e034aa07da53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XYZEJ8MPYTMXBRCG
age: 31577
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: PbasYC73wyBRUK/UDPsSm96DzCPdBh+GbhRU327wuDzZIBPq9UELHffRNA/Nh28j5wonSEP8LV8=
last-modified: Wed, 12 Apr 2023 09:51:22 GMT
server: cloudflare
etag: W/"56356539fc01ff49fc3e748662138064"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcccAfGPqK18Kopv6Uz6%2FKPdx3Feg5eEnfyJvgB1gSGtB8yxamOPzNl2n5PqG0d60p%2FGUK2JTctLfAh6lmVT73a%2FfOrykiXUFCBNWgQ0sthItvqHyiYPvK07ysLjSuT5VAXya77FTvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da66f2ae490fa-FRA

POST
H2 200 tb
fndrsp.net/ 2 B
502 B 387ms
145ms Ping
text/plain 172.64.129.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ALGMTNTC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.129.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXh85uUXTtPK%2FjFTwzL%2Fbfwi8zX0CSucX6ajkkGgmIzpIGix7PmTsIILuvKV8jdWjRC5B8FPue%2B8qSptpW1AZYU6VRFdk%2F3Is20HTgVBseN8SCTrJsWbbE5kkHK0"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bgca.org
access-control-allow-credentials: true
cf-ray: 7b6da670cc2737eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 checkout Show response
api.fundraiseup.com/ 7 KB
4 KB 342ms
324ms XHR
application/json 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/checkout?key=ALGMTNTC&livemode=true

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ALGMTNTC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

585fe900a7b553ca5ceb600be426d051929b39bd0f4f1869231c85fc32101fb8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
content-security-policy: frame-ancestors 'self' fundraiseup.com
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-response-time: 34ms
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bgca.org
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=399asjNGhT2dayepacbUGz2r%2BoGY6Q4YOKvSumF7%2BojjdbuI8Rp8CgsQ7O01IL0Ujd%2FMLp%2BQ85awG1lBbQhCPyJjkITZHGhr1Btt7Vie%2BYGneHyFaGzt1gH4ODpOTX615t7Z6AE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7b6da66f6b4d90fa-FRA
expires: 0

GET
H2 200 XTSNUQLW.js Show response
static.fundraiseup.com/embed-data/elements/ 663 B
788 B 277ms
268ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/embed-data/elements/XTSNUQLW.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ALGMTNTC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71c617e21aaed6237206d6afe6bd4b08e6c01ce262cfee59a2424232ce6a8bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3F7GBKEYS92H5286
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: NK9mMxQDu25UaE3iPjMRh8NgBf20G+WnV5P6lwEPIWGI/f1THTfgFUZAauwauAbRkDb5JJP/IGA=
last-modified: Wed, 12 Apr 2023 17:37:21 GMT
server: cloudflare
etag: W/"49824f0e1a44a9cc0dc1065d19073567"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIBUVWsAbozTF4I%2FCStFCDzN6J4iQTLt514vT0CDfGIHm0U2gbbQaMgxJCX%2B3owrTps%2BoAum2O4gEW890ow6FZx0LVa1Gny5rTbJlj24FbwJy8RAHnImS%2B%2BU%2Fn2HR8QubrIQoRFJz5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 7b6da66f6b4490fa-FRA

GET
H2 200 XUUFSDMM.js Show response
static.fundraiseup.com/embed-data/elements/ 6 KB
2 KB 248ms
239ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/embed-data/elements/XUUFSDMM.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ALGMTNTC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc2e1f2b46955fc18ac57ae77fc352edaa1487ed2fedc28862d5117d9e248ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3F7HEQ54ZJDY42N9
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4ZTLGQ0j+vEnOEOHuh7/wzcpwgtvmBA6zS9PLK7O7rSke0ZAFWwcX6FCE+7un3m1OvAFnALq5mQ=
last-modified: Wed, 12 Apr 2023 17:37:21 GMT
server: cloudflare
etag: W/"2b93d4eaee99fa8e4d1882cf15d52749"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcRbmV5YBYuP1ONjiqNfJ7gaswrBXyoaDjK0jZBfXLt04oja14qt6y23%2BL2XWn21eOJ3K37883o6L2H4kGp%2BGBdDvqHhbnjkAtkg829UJnJpWGPaIojSnYWmxM4wT%2B7EHJNOGZRnUY0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 7b6da66f6b4590fa-FRA

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4812cf4a078168d4a1338dc71eeb59def7a0699ac3535d3f6016e79832a054a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 117 KB
45 KB 39ms
18ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-PKPQL8P

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH58QX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d43b57fd5e21f63677fd4ecf138074c18689143e7c4ce83e8906aeeb875d1310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46049
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 18:49:35 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/993363915/ 3 KB
2 KB 73ms
48ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/993363915/?random=1681325375951&cv=11&fst=1681325375951&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&hn=www.googleadservices.com&frm=0&tiba=Ways%20To%20Give&auid=298457012.1681325376&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH58QX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fa3de8facd380a933c2b4705a7700ee2511abdf7d84f32fc28444368096c7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-515392.js Show response
static.hotjar.com/c/ 9 KB
4 KB 58ms
40ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-515392.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH58QX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

4b6895a273c502d52df85b832d217d6890c61b1903656fd34874c5a2e8290fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:35 GMT
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/c595fa3039353ef0a9542a3fc8d2e85f
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: LienNrtInXxDaoEm6o4kJjkH3yVkaWQMT-z56xEn7BlkzwufjXfE0g==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 44ms
15ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH58QX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=53465
accept-ranges: bytes
content-length: 4777

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 54ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH58QX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 12 Apr 2023 18:49:35 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F23D4A613A64C4A8DDECBB319619AA2 Ref B: FRAEDGE1317 Ref C: 2023-04-12T18:49:35Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 27ms
10ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Apr 2023 18:49:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: SHHdoherRrg+67INqZo7hWdP4S4uGwI7J3ENxioCJIvLL/kBF6N8EPI+ENgUJbn+fyebLqZzKtSkAmJ9WC3YIQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ktag.js Show response
resources.xg4ken.com/js/v2/ 9 KB
4 KB 411ms
102ms Script
application/javascript 54.88.204.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N27A0-3EB

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.204.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-204-97.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6269bafb85bd4d4fed6589655f7e0b8b612397226168098f95d3507848075f6d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
content-encoding: gzip
last-modified: Mon, 14 Nov 2022 12:23:07 GMT
server: nginx
etag: "6372332b-dd8"
content-type: application/javascript
cache-control: max-age=86400, public
content-length: 3544
x-xss-protection: 1; mode=block
expires: Thu, 13 Apr 2023 18:49:36 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 101ms
41ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1612423&mt_adid=258122&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH58QX
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 776 936c8db master zrh-pixel-x1 config_version:"unknown" /
Resource Hash: 1cf0ea2d930d4583835bac8eb052ca66a252b2c02be054bbb11e427ad2fea641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:36 GMT
Server: MT3 776 936c8db master zrh-pixel-x1 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1439
Expires: Wed, 12 Apr 2023 18:49:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
82 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RZHZDDSPW0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH58QX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d162e2e14ac35ef111f3e0ba689543a62a2b596a0c8bd15d4fc99370ad4e9a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83974
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 18:49:35 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 57 KB
18 KB 104ms
27ms Script
text/javascript 2600:9000:2113:f800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH58QX
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2113:f800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ea77227b6346e5d45814a68f53cc47e948b9bcc890f84dab91583f567bda1a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Amz-Version-Id: t8nIDyz1ZEIeIyJq7klqu_Z2M8c8EFwE
Content-Encoding: gzip
Via: 1.1 9946ab784d1328de1a34d3840ab6cea6.cloudfront.net (CloudFront)
Date: Wed, 12 Apr 2023 18:07:08 GMT
Age: 2550
X-Amz-Cf-Pop: CDG3-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 04 Apr 2023 14:25:58 GMT
Server: AmazonS3
Etag: W/"16f10b1afd628b05d51fd113b057bc1c"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: d1o4WNdZ11lOHnX_druRp51XYuna657NU9XAliRU5P5YwgG_yxGI_Q==

GET
H2 200 widget_app_base_1680789796996.js Show response
cdn.userway.org/widgetapp/2023-04-06/ 132 KB
39 KB 22ms
21ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-04-06/widget_app_base_1680789796996.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7cb2203c7d59f9631e0d429c5f3ca44f2591727dc0941c5612313e7b9dccbc9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 12 Apr 2023 18:49:35 GMT
via: 1.1 9e382e3fea313f57a8108121ea203aa6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BUD50-C1
age: 27
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 535157
x-77-nzt: AcO1rgUpGsn/dSoIAA
x-accel-expires: @1706710218
last-modified: Thu, 06 Apr 2023 14:06:55 GMT
server: CDN77-Turbo
etag: W/"70135145a245404f57080a09b06374ff"
x-77-nzt-ray: 25b02131b1fabd013ffd366407c4ac3a
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: -XwdoSsk6rMuhbsssM44O1R4k7LIvTYy12ft_b8C5gw13vdzrVBn4A==

GET
H3 200 1.2b205a090a27.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js Show response
static.fundraiseup.com/ 30 KB
7 KB 22ms
22ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1.2b205a090a27.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/0515f3b0c7f7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddaae4f658a2b6dbc11c6b95482d3abc3fe9a4e7c9debd1bc13cb82b3eac2731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YGC8ZGNA1HQFWMN1
age: 1238568
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 1VBNMeWKEYDtEjrq9gb7PIXuwx2KE4O6ngJIvBLJhyoCOKwSgrOLK+2WTa9HdhsKQj4GaS6W6pI=
last-modified: Wed, 29 Mar 2023 10:34:08 GMT
server: cloudflare
etag: W/"b9cf8c3d41da7a4b3719f052490de945"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKPzPAatDyHkzoOz5Mvttv0u0dQROF4tM0xMop%2Fh61%2F0zgjZbf4gpnkE2f7iI5UlNdcrNVpXL0wQHClcDAcKQpHilCq3nLVudGsXGNl3TWJtgqVz7Wbux3iLR9UBWBEU3C76xkHfuSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da66ffc1e3606-FRA

GET
H3 200 332.cc9c94ab4686.link-v2.js Show response
static.fundraiseup.com/ 8 KB
3 KB 23ms
22ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/332.cc9c94ab4686.link-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/0515f3b0c7f7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

629074e6c4a51683788693742c8faa83dffcf45e42d0467d35023631531cf54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: DC8JS55MDT9RVWFA
age: 13182
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: boA2n7PYAxupPFpm8dgVDwZ+QemyKpQa2QB2i/QYcFCOPztcYJgaqobjpHxKkuFE0uN3midKRBU=
last-modified: Wed, 12 Apr 2023 14:57:17 GMT
server: cloudflare
etag: W/"3f692c82cc9b03166a70c92ee3742336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbVZ5eVuqaf5OvXzTM%2BoyaIb01sU6L3RZOOC%2BraIHnzZSKvDnt23PSkRvMhCdtaqaiCCF0tYZDLng6CJIwlV5xDBbDR0mmiddpIk%2Fe94lI1vYQDD8spMsc4hjJ56DUuJxzu806BtPY0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da66ffc223606-FRA

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 48ms
29ms XHR
application/json 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCo7uupdVmkz1ugVpUubpOykPbWxpId3Rk&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bgca.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/9/intl/de_ALL/ 272 KB
61 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/9/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCo7uupdVmkz1ugVpUubpOykPbWxpId3Rk&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc30db248b77caa03b0486f54d262b34e783964a09abd11df80a885278a182b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61810
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 16:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 18:04:23 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/9/intl/de_ALL/ 162 KB
51 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/9/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCo7uupdVmkz1ugVpUubpOykPbWxpId3Rk&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91d9f7a1c861f5fedbe0cf405ee20e23f561ba14278023693685ee4c8c85239e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52079
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 16:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 18:04:23 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/9/intl/de_ALL/ 91 KB
24 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/9/intl/de_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCo7uupdVmkz1ugVpUubpOykPbWxpId3Rk&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ace9ddb4ab1609c7dea7d1fb579acf3723b9c435a7a090ee41712e28857003e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:04:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24194
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 16:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 18:04:24 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/9/intl/de_ALL/ 47 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/9/intl/de_ALL/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCo7uupdVmkz1ugVpUubpOykPbWxpId3Rk&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302a0129797291d2ad622c4f829fc63d0c49f6c6b964b098fd0839d47a73a52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:04:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15662
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 16:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 18:04:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 15ms
4ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH58QX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:05:09 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2667
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 12 Apr 2023 20:05:09 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/569681/domain/bgca.org/ 36 B
373 B 29ms
9ms XHR
application/json 2600:9000:20eb:4600:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/569681/domain/bgca.org/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:45:50 GMT
content-encoding: gzip
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 226
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: gQT9TbUg9LQjeHccZJfWG-zjdjX1bh5h9C1mR2UOobwA9GpqL9VbOg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569681&time=1681325376103&url=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D569681%26time%3D1681325376103%26url%3Dhttps%253A%252F%252Fbgca.org%252Fways-to-gi...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569681&time=1681325376103&url=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=569681&time=1681325376103&url=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkin...

0
265 B

236ms
214ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=569681&time=1681325376103&url=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&liSync=true&e_ipv6=AQIf_SBt7exZkgAAAYd2zUTLZBSQRG5KRbN4yfk1QPFBbAVSOPN3Xsgg7NeiR6Hnv5VTeluvCul_LyM_PpMzC2jn16ce
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7F2D0BA3E93D466AA31821628A63ACC2 Ref B: FRAEDGE1319 Ref C: 2023-04-12T18:49:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX5KBHY82w9ZiDffE6ChA==

Redirect headers

date: Wed, 12 Apr 2023 18:49:36 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0152F08C17884B8C94E6CFCCF45BD2E4 Ref B: FRAEDGE1415 Ref C: 2023-04-12T18:49:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=569681&time=1681325376103&url=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&liSync=true&e_ipv6=AQIf_SBt7exZkgAAAYd2zUTLZBSQRG5KRbN4yfk1QPFBbAVSOPN3Xsgg7NeiR6Hnv5VTeluvCul_LyM_PpMzC2jn16ce
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX5KBHUoGYnqm+xp7F0Tg==

POST
H2 200 pXty7VnPao Show response
api.userway.org/api/tunings/ 2 KB
3 KB 803ms
169ms XHR
application/json 52.32.105.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/pXty7VnPao
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-04-06/widget_app_base_1680789796996.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.32.105.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-105-92.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: c689470f678761db18d122634f3ca051416f23886e09ba5ad16dc08d4770f838

Request headers

Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:36 GMT
etag: W/"8df-9Zdi/9e/GJzIZGSJJJ+ftO8gKF8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr73d50fd3b8f3425
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 2271
x-service-version: uw-pr

GET
H2 200 218489151916488 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/218489151916488?v=2.9.101&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b8c84943cbb1a1f05e8039cd8c105c71940533e31bc9e9b031512985381ce2f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Apr 2023 18:49:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110316
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oVDvYDchJb121uLvv4nQoVd6CCxWQsAGXo0/FDyQEr2obcKAawAH4uomW4daxJiUm8gWjQH9eFd0QPqK0hVkfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
249 B 128ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RZHZDDSPW0&gtm=45je34a0&_p=1698163909&_gaz=1&cid=1331364226.1681325376&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1681325376&sct=1&seg=0&dl=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&dt=Ways%20To%20Give&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=null
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RZHZDDSPW0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bgca.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 140ms
20ms Ping
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RZHZDDSPW0&cid=1331364226.1681325376&gtm=45je34a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RZHZDDSPW0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bgca.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 165ms
46ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RZHZDDSPW0&cid=1331364226.1681325376&gtm=45je34a0&aip=1&z=1306996175

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.b22f4dd7cd6043d2b479.js Show response
script.hotjar.com/ 264 KB
68 KB 138ms
21ms Script
application/javascript 18.164.52.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b22f4dd7cd6043d2b479.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-515392.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-121.cdg50.r.cloudfront.net

Software

Resource Hash

e40956cd769c1357fd7a8ec0629155ac799c5055ac6ad3f3efccb86192b054c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 14:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 317c4501dae82980ed593347514374fc.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 13949
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69072
last-modified: Wed, 12 Apr 2023 14:56:47 GMT
etag: "5e657ee37d0e478d570248420fd1b1d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: MlvKZPVwZzW-fg-1Rvi1npMu6l0U7GMd2sNs30TttqRwLRbHv7kO0Q==

GET
H2 200 /
www.google.com/pagead/1p-user-list/993363915/ 42 B
455 B 134ms
18ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/993363915/?random=1681325375951&cv=11&fst=1681322400000&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&frm=0&tiba=Ways%20To%20Give&fmt=3&is_vtc=1&random=3450812437&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/993363915/ 42 B
455 B 137ms
21ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/993363915/?random=1681325375951&cv=11&fst=1681322400000&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&frm=0&tiba=Ways%20To%20Give&fmt=3&is_vtc=1&random=3450812437&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 39C0 7 KB
2 KB 41ms
40ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=28076436-fd41-4d00-87b1-223d3c27a023&no_iframe=1&mt_adid=258122&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1612423&mt_adid=258122&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 776 936c8db master cdg-pixel-x12 config_version:"unknown" /
Resource Hash: 12efbe5d74ad77912fa70fea5fe914237cbbbf36fa8f7804b0691d4cf1d076fa

Request headers

Referer: https://bgca.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2116
Content-Type: text/html
Date: Wed, 12 Apr 2023 18:49:36 GMT
Expires: Wed, 12 Apr 2023 18:49:35 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 776 936c8db master cdg-pixel-x12 config_version:"unknown"
Vary: Accept-Encoding

GET
H2 204 26263994.js Show response
bat.bing.com/p/action/ 0
117 B 108ms
108ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26263994.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 12 Apr 2023 18:49:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F2168EA2323144A79B3E43DA9C636D3B Ref B: FRAEDGE1317 Ref C: 2023-04-12T18:49:36Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26263994&tm=gtm002&Ver=2&mid=cce3716d-bb9f-4707-b183-ec1250bff8d7&sid=c57ee7d0d96211eda2470d08ccdb74ad&vid=c57f0d80d96211ed9105c10ecefacbd4&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ways%20To%20Give&p=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&r=&lt=2946&evt=pageLoad&sv=1&rn=183679

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Apr 2023 18:49:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2D5D9384DD8C4808AA76415284633043 Ref B: FRAEDGE1317 Ref C: 2023-04-12T18:49:36Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ 0
492 B 75ms
35ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 776 936c8db master zrh-pixel-x10 config_version:"unknown" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:36 GMT
Server: MT3 776 936c8db master zrh-pixel-x10 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 12 Apr 2023 18:49:35 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/WASSXQUF4NDE7JKMEBXCLD/index.js
https://s.adroll.com/j/exp/index.js

28 B
784 B

24ms
23ms

Script
application/javascript

2600:9000:2113:f800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Server: 2600:9000:2113:f800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Amz-Version-Id: KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP
Date: Wed, 12 Apr 2023 08:00:10 GMT
Via: 1.1 9946ab784d1328de1a34d3840ab6cea6.cloudfront.net (CloudFront)
Age: 38967
X-Amz-Cf-Pop: CDG3-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Tue, 21 Mar 2023 16:39:30 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Sce5jfrwc0JrNa59oSWalMYm6cUyuZRMIov8Nc4rri-e19rEp_f1AA==

Redirect headers

Date: Wed, 12 Apr 2023 09:11:28 GMT
Via: 1.1 9946ab784d1328de1a34d3840ab6cea6.cloudfront.net (CloudFront)
Age: 34687
X-Amz-Cf-Pop: CDG3-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: xupMoJ3V0D9vaiWPluCHWzaH4pWMcYPF9DBmzQx2ALyRg4VkGYXI-g==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/WASSXQUF4NDE7JKMEBXCLD/AUYEXVHHYVAJFNWZWF27LK/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
755 B

34ms
22ms

Script
application/javascript

2600:9000:2113:f800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Server: 2600:9000:2113:f800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Wed, 12 Apr 2023 02:11:56 GMT
Via: 1.1 ed0b7f757277c9400d55f37abd579b7a.cloudfront.net (CloudFront)
Age: 59871
X-Amz-Cf-Pop: CDG3-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: nWOf2ElJeFnfCX2KocIchlyifAyZtKoDbG5KPvLKWI6a8Gp3L0QH8g==

Redirect headers

Date: Wed, 12 Apr 2023 12:18:23 GMT
Via: 1.1 9946ab784d1328de1a34d3840ab6cea6.cloudfront.net (CloudFront)
Age: 23472
X-Amz-Cf-Pop: CDG3-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: YUt6ffnrkg7BUZCyZ7-hhLNLZ_Cr8zCG7JH5l_gVHjDiYOWidw8QBA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/WASSXQUF4NDE7JKMEBXCLD/AUYEXVHHYVAJFNWZWF27LK/ 0
807 B 56ms
22ms Script
text/javascript 2600:9000:2113:f800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/WASSXQUF4NDE7JKMEBXCLD/AUYEXVHHYVAJFNWZWF27LK/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2113:f800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Amz-Version-Id: awgSNk2bzc8dGgyISmlt.2ryXb9yNekE
Date: Wed, 12 Apr 2023 18:44:26 GMT
Via: 1.1 9946ab784d1328de1a34d3840ab6cea6.cloudfront.net (CloudFront)
Age: 546
X-Amz-Cf-Pop: CDG3-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 05 Apr 2023 22:07:07 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: GL5Md6hTje1UhTYqWto9uX96UQdoIZDgcjx8HkZoVeGOdYLyGxbhmA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
344 B 98ms
19ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-3761046-2&cid=1331364226.1681325376&jid=347411108&gjid=884836123&_gid=661438469.1681325376&_u=YCDAiAABRAAAAE~&z=657018894

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 12 Apr 2023 18:49:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bgca.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1698163909&t=pageview&_s=1&dl=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&ul=en-us&de=UTF-8&dt=Ways%20To%20Give&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiAABR~&jid=347411108&gjid=884836123&cid=1331364226.1681325376&tid=UA-3761046-2&_gid=661438469.1681325376&gtm=45He34a0n71KH58QX&z=920745840

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2664
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 307.f04a5bd870dd.donation-form-v2-styles.js Show response
static.fundraiseup.com/ 11 KB
4 KB 25ms
24ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/307.f04a5bd870dd.donation-form-v2-styles.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/0515f3b0c7f7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a13143be4f955b2d9d6d646a02436e74dd5f0bd1a8feeb4a637d17160831182d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BQG5YE2SQPEPA5NV
age: 31461
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: wLb3vYK3GWx3+gKfeEftTl/WKvKdfqge+Lg+P0ZAcZ0y61Dz8SyVPEVGozZ46h5NSx/DmfAFA34=
last-modified: Wed, 12 Apr 2023 09:51:15 GMT
server: cloudflare
etag: W/"e2fea85869c86db9a3c93f7f8a7836e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zm%2BbGaeBPtn85%2BpAeC1Dz3ATNPzLSoC2hZ56iVTlfUv40B9psexHlsfH84OpxAaHZbUpys7RxHm4NnfzyRfv%2Bkfe5NdRblfsx2NVqZZZ9Jj%2BzB95r%2FvK9JOLIiqtE0caFM17Pxa4L3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6714ec83606-FRA

GET
H3 200 305.6fd3804cad78.donation-form-v2.js Show response
static.fundraiseup.com/ 53 KB
15 KB 17ms
17ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/305.6fd3804cad78.donation-form-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/0515f3b0c7f7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7091d10e1a06dc8738ea5a6941052cbd2cdda8237f5e1dd0c7aa312d054075d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JDKZ9ZBCY841CN4M
age: 13080
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: aP0KTeCsyWZGXwdv8/EzMgXt+lD/6DVUiJgdQ090gmSFGYAJ3KynqVkk0+/Xyj02ToeYtQNlHOU=
last-modified: Wed, 12 Apr 2023 14:57:16 GMT
server: cloudflare
etag: W/"8a51291f4310e9abd97a002c6a30f690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktm8pTGTWtbLESFLJuyontP80eD6Bm8xX9QdikMuZWx7avbKcaY4ijYDYV6P7ovZlJpcGtmETWL64hVJtcYoRq2dQgSyWNXtHUBRVx5RampRbuUHshW%2FTP5QnZJs%2BvAZZ%2BvDMF%2Bb0NM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6714ecb3606-FRA

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 39ms
16ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Wed, 12 Apr 2023 18:49:36 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
4 KB 25ms
15ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Wed, 12 Apr 2023 18:49:36 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 33ms
6ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=218489151916488&ev=PageView&dl=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&rl=&if=false&ts=1681325376226&sw=1600&sh=1200&v=2.9.101&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1681325376224.1237103573&it=1681325376124&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Apr 2023 18:49:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 304.7b7faab33597.donate-button-v2-styles.js Show response
static.fundraiseup.com/ 3 KB
2 KB 20ms
19ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/304.7b7faab33597.donate-button-v2-styles.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/0515f3b0c7f7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ae2838948e4994978ea16176900e65292066e137f1546de1d2ef876bb036978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C99SGJ7D7ZFG3VCT
age: 31564
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: mGlZy7XS0WPCZU0I1Mh7w8SzcxZ78+Ks1qZpgVkxgdGgsIWx95aXvWcTCzil0bNHHJKhSyq9q2M=
last-modified: Wed, 12 Apr 2023 09:51:15 GMT
server: cloudflare
etag: W/"e39f285bec389c8a4143b5a83d537bdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeTWSn9fJJ%2BOWhC87aXH2cGzbng4h8zMTzPHCMSGSqACmF24PHgvRQG4RxFst4T6vGkvlkaV4XPVzaKVTlpN7VfznkE1adLf9L9R%2Bxcp1vx1F9UCkLzL8yUlnmtrduY2WcUysdZrxO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6717f113606-FRA

GET
H3 200 302.a5ceacd1869d.donate-button-v2.js Show response
static.fundraiseup.com/ 15 KB
6 KB 16ms
16ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/302.a5ceacd1869d.donate-button-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/0515f3b0c7f7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45b762459e23c0f0804f44d708b1574262a1264e61881e90aa37432b1451fc26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CCXFS9GV96WDN8PX
age: 13130
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: vZI0u/iH7p4fQ8dulvQ43Nd1tKGfzThN1v7iCJ/eRxibUX5ikWJ/XzziwuFCDxFqK9t1lMa4GiU=
last-modified: Wed, 12 Apr 2023 14:57:16 GMT
server: cloudflare
etag: W/"6841b1aaff8c89aa6f22230125ab3f14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FQGzLIguZwHOpw5VNCHOpdf24%2FykOfxX5KWCZU%2FKRTswhkBN%2F3%2BnhBdP2UwuaoDrRKkfWGbE%2BvEMSdDM9nDZZNJL5HtRwRoPSxbvuG7FLJB5%2Bmc7%2FdnnrkyGIqstIRUwBOVa4sJh2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6717f123606-FRA

GET
H3 200 6873.680371e07b176774d33d.js Show response
static.fundraiseup.com/ 253 KB
78 KB 33ms
33ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/6873.680371e07b176774d33d.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9506e03568e0e4d2a990071e8d46b62842329c4f19d3bc13229cf295c55c178c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3TE0K8WE3N2PJ17M
age: 118249
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 3e28dLOXc+C+HRznnU0rlaGDzIavZCk6mf/AStVPQXQDd6HVokHsBoBIzqUrGPKvxN438QdkmRY=
last-modified: Tue, 11 Apr 2023 09:46:20 GMT
server: cloudflare
etag: W/"da4abfced61ae3aa141b260819e48def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3KEWglhp37hw27ev%2FyBvuIPZB2J7%2B%2FjqVnbnAfGKDzpZ5XDEFVZV3NS%2B9jM2CbOF%2FORCIEg90%2F00IlCcuKLcpuo4W%2BIKSKpc5TLKD%2B%2BprjySZluwkfbfrfKDW%2B5Xnr1a9AV%2FyyizM4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6717f243606-FRA

GET
H3 200 checkout-locale5.ad328567f726daba8863.js Show response
static.fundraiseup.com/ 52 KB
14 KB 21ms
21ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-locale5.ad328567f726daba8863.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eaf66587b00daefa7dbff8bda78c9d1ddb0a160f632985c00e9979e64abbb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG9YHKC03FNZET4A
age: 1326869
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4P6uyLHHs2RK5eeOdWYXAX7jGs++iNLuTR3ewmjXEusdi7X4+hHkN3sCqw4Zw8VMF5iGPBHoaH4=
last-modified: Tue, 28 Mar 2023 09:53:23 GMT
server: cloudflare
etag: W/"ae41200b2f81a1585946f8897247f7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6b%2FzHaN%2BrKXD%2FnygaKt%2Bx38U96BSaiq30urOyzte9FpXuusXHZ7LjiCF2jiOyE8mBzWbToBEEy2uDA4YfRqZOYgaopMzjwCXmxh%2F2ZV4pAjNXaCZgacoSHhtH2RfhegOGI%2Bv4C2gHJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da671cfa83606-FRA

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 429F 452 KB
122 KB 64ms
23ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c92e0254c8f108457041eb58ff0a4a62d998e38e48fba7c91a316521acdd9629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:36 GMT
via: 1.1 varnish
age: 22
x-cache: HIT
content-length: 124501
x-request-id: cc02de32-9839-441d-b0b6-8fd8b1aff4f9
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 12 Apr 2023 17:32:27 GMT
server: Fastly
etag: "1973c1eca75b0ed23fe2201d5e305e16"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 / Show response
js.stripe.com/v3/ 452 KB
122 KB 49ms
9ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c92e0254c8f108457041eb58ff0a4a62d998e38e48fba7c91a316521acdd9629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:36 GMT
via: 1.1 varnish
age: 11
x-cache: HIT
content-length: 124501
x-request-id: ab694c95-1e54-4eac-a060-c4a33c3048bc
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 12 Apr 2023 17:46:36 GMT
server: Fastly
etag: "1973c1eca75b0ed23fe2201d5e305e16"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 WASSXQUF4NDE7JKMEBXCLD Show response
d.adroll.com/consent/check/ 463 B
556 B 122ms
33ms Script
application/javascript 2a05:d018:cc3:fe05:c272:fe68:50ad:1ea
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/WASSXQUF4NDE7JKMEBXCLD?pv=96450138201.6963&arrfrr=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&_s=fda9bec039c5153ed196a7b0138a35a4&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:c272:fe68:50ad:1ea Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 732e7eeb9a4a0a0bb43b94f94ef1766ecefc7b58240e0ff6d1fdd3b669bb0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
server: nginx/1.22.1
content-length: 463
content-type: application/javascript

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 45ms
44ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-3761046-2&cid=1331364226.1681325376&jid=347411108&_u=YCDAiAABRAAAAE~&z=1683075055

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 47ms
46ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-3761046-2&cid=1331364226.1681325376&jid=347411108&_u=YCDAiAABRAAAAE~&z=1683075055

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame AFCE 56 KB
56 KB 38ms
26ms Font
application/octet-stream 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bgca.org/
Origin: https://bgca.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: X1Y9CQXQ833AYXH7
age: 487191
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56996
x-amz-id-2: WHF0bJxmmchN8XFZGfGj+iqYYqoWSwnjxExjOOsZjQw4/AO8bPaTHnzz841Fu90LT4FusiJw0PU=
last-modified: Thu, 06 Apr 2023 10:26:10 GMT
server: cloudflare
etag: "643ad5d92cd7c31076790077c3003abc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4OL1M8i%2Bv5IojAJm22j5RC9fw6AAaHz3zwA3213Gw81nG1VNRpMh359RoPz116V%2F5oxGm0c7%2FDWp73pyc0hNw6%2BfQbpgdDVC8XznC6a8vrEark5Vm%2BJd6EYtEwd9Bh6ibZUWoDdrQI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7b6da6722a763609-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame AE9E 52 KB
53 KB 411ms
410ms Font
application/octet-stream 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bgca.org/
Origin: https://bgca.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3F7Y2PG2WKEFJ5VZ
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53064
x-amz-id-2: UY/K8fPuqbPAgwQwTbDJUtlNaUtaQKyubHJRa8WQaP5K6KRl0QB8PEWELRA72o3ODnwjdg+CXIrrs9UL6ZZF0g==
last-modified: Wed, 12 Apr 2023 14:57:11 GMT
server: cloudflare
etag: "c9e466876957e9d2128f63b225a81ae3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsGncPk0W14dEORIYn3IM5uNDFLtYWLZAMMeAvPbI1iJWh%2Fe%2Fb51217zXe3j%2BwSj8XT2ppb8VRCAvzXAkcCngHJHdPky6qP6ySmO4yxcib0sdUXVZuwqoWVImX%2F2sgncClcy4kNMfaw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7b6da6726ada3609-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame AE9E 56 KB
56 KB 22ms
21ms Font
application/octet-stream 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bgca.org/
Origin: https://bgca.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: X1Y9CQXQ833AYXH7
age: 487191
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56996
x-amz-id-2: WHF0bJxmmchN8XFZGfGj+iqYYqoWSwnjxExjOOsZjQw4/AO8bPaTHnzz841Fu90LT4FusiJw0PU=
last-modified: Thu, 06 Apr 2023 10:26:10 GMT
server: cloudflare
etag: "643ad5d92cd7c31076790077c3003abc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09JYgdpE8XQxb2LPDXNJzWavPTAbuWiE3OTk9HqPqzl4GZQJu73grdKK6QfIjtCkZvuca7Wxj7H57PUNGPOYsVtyQpXgOJqmeYGiYDUTKLTjf7U0maaUE9I72F%2FTFWyTavTNEk65NL0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7b6da6726adb3609-FRA

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 39C0 43 B
528 B 43ms
42ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=0:30&mt_cb=576826&mop_top=
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=28076436-fd41-4d00-87b1-223d3c27a023&no_iframe=1&mt_adid=258122&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 776 936c8db master zrh-pixel-x30 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=28076436-fd41-4d00-87b1-223d3c27a023&no_iframe=1&mt_adid=258122&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:36 GMT
Server: MT3 776 936c8db master zrh-pixel-x30 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 12 Apr 2023 18:49:35 GMT

POST
H2 200 / Show response
sentry.fundraiseup.com/api/2/envelope/ 2 B
156 B 284ms
93ms Fetch
application/json 147.135.78.45
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.fundraiseup.com/api/2/envelope/?sentry_key=cb0af19166ad4bdeb8c3efc4848d6635&sentry_version=7&sentry_client=sentry.javascript.react%2F7.47.0
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/6873.680371e07b176774d33d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.78.45 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Caddy, nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bgca.org
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
date: Wed, 12 Apr 2023 18:49:36 GMT
server: Caddy, nginx
content-length: 2
vary: Origin
content-type: application/json

GET
H3 200 9304.1f6427175b48cc5af655.js Show response
static.fundraiseup.com/ 38 KB
12 KB 26ms
20ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9304.1f6427175b48cc5af655.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a46c4dfb877a33939c70ff8348140c505f3d1c6ead31a3bd76e4ffe91a95cc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9ETYS23SN1T7MPEM
age: 203988
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: u1aF2Qz2gKPQQ8E41vtOf+4yQBzrnsVQbqudX0gbqdTdZEZAySlhTKolvwy0ynMnvsAk0yv8un0=
last-modified: Mon, 10 Apr 2023 09:53:23 GMT
server: cloudflare
etag: W/"7e966f0286868c0e1feb026c97441e58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8N27JDhTch7qjx03PUnZu%2FeETHwcBdmN5ax7ye5lkJssit3isWspjPpuyxnNwT5S%2Fz6HSsWr6%2Fcsi1x9o9GpIJGYomUcACPZnRKTg3unLZp6Zj3%2Fj6jHJX5iPV1uErMLMNWkV3unJQI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6738b083606-FRA

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 39C0 0
492 B 40ms
36ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=28076436-fd41-4d00-87b1-223d3c27a023&no_iframe=1&mt_adid=258122&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 776 936c8db master cdg-pixel-x30 config_version:"unknown" /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=28076436-fd41-4d00-87b1-223d3c27a023&no_iframe=1&mt_adid=258122&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:36 GMT
Server: MT3 776 936c8db master cdg-pixel-x30 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 12 Apr 2023 18:49:35 GMT

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/85046614-f79e-4135-aa46-f10361434581/ 399 B
427 B 374ms
344ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/85046614-f79e-4135-aa46-f10361434581/lightbox.js?mb=1681325376624
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9c4b023c5d1475e42bdc3b9dab1ba6192c6bb601062f28a6966c8c662f67343d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 12 Apr 2023 16:21:37 GMT
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 7b6da6741a9e2c35-FRA

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 429F 259 KB
73 KB 57ms
16ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=5K24XTFT6SEE8&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9cac943beecbb303023c4ccdee382932a8cb0f05e4e36db2b125ecd522bc972f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-Pb1FJrSrq2ixzrm8vFmCVt63J1I+s0RfkFzL53Ou8a64Je47' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Pb1FJrSrq2ixzrm8vFmCVt63J1I+s0RfkFzL53Ou8a64Je47' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Pb1FJrSrq2ixzrm8vFmCVt63J1I+s0RfkFzL53Ou8a64Je47' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Pb1FJrSrq2ixzrm8vFmCVt63J1I+s0RfkFzL53Ou8a64Je47' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:36 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 309
x-cache: HIT, HIT
p3p: true
paypal-debug-id: f3409732fc854
server-timing: "traceparent;desc="00-0000000000000000000f3409732fc854-a552fdd6d183deb8-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 74002
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220052-HHN, cache-fra-eddf8230071-FRA
traceparent: 00-0000000000000000000f3409732fc854-8eb6a0d74d99b279-01
x-timer: S1681325377.698779,VS0,VE4
etag: W/"12112-5X9M1/RlJfeu8UEfpUj/uQDGQpk"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 controller-4e4663227a7434a38009e2b0047bf2ee.html Show response
js.stripe.com/v3/ Frame 9A16 325 B
711 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

76f0ee0adf326bdc25aa3ce3fee554bbfb065f07510cd6d78370d124c79835d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bgca.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 18:49:36 GMT
etag: "4e4663227a7434a38009e2b0047bf2ee"
last-modified: Wed, 12 Apr 2023 17:06:41 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-content-type-options: nosniff
x-request-id: 008ca6c7-3807-4850-ac5a-5f1d22d81b14
x-served-by: cache-fra-eddf8230111-FRA

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 2651 200 B
767 B 8ms
8ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bgca.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8537830
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 18:49:36 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 570209
x-content-type-options: nosniff
x-request-id: acceae4b-fc1d-4b20-9c82-2f18f5a6e24e
x-served-by: cache-fra-eddf8230111-FRA

POST
H3 200 1355836622519307546 Show response
api.fundraiseup.com/paymentSession/ 541 B
872 B 407ms
407ms XHR
application/json 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/paymentSession/1355836622519307546

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/6873.680371e07b176774d33d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82bcb67b0b877046e48d19613167ca16f29a8658399772be1b48680646d79f30

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
content-security-policy: frame-ancestors 'self' fundraiseup.com
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-response-time: 101ms
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bgca.org
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FD3RK3%2Fr9UraBHZNmTP54MICvK9hM5zfcuUk49%2FNmCXHlb7F%2BYvI9q6p9mrQqbF%2FmdDKefjvOj2q7Go4dNstfacdfFPjMis%2FGRgeBZbbkOQcRJOkVTbX4fYJFDlCuhw32LFRe%2FY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7b6da6749d783606-FRA
expires: 0

POST csp-report
q.stripe.com/ Frame 9A16 0
0

GET
H2 200 shared-8f0efe81f6283029ec47a17eef507ceb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9A16 404 KB
97 KB 8ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a958b3f616d681c715832cae2452bdf2c48b11d68c93f21ca7c513f1289b557a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:36 GMT
via: 1.1 varnish
age: 6068
x-cache: HIT
content-length: 99230
x-request-id: 45d6aacf-3b2a-4f35-911d-3e7c20919214
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 12 Apr 2023 17:06:52 GMT
server: Fastly
etag: "8b8b4f9d8ae838147627b04117051f4c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 561

GET
H2 200 controller-caf09a8de84ceef1b7dbaf649bef4f17.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9A16 446 KB
122 KB 8ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-caf09a8de84ceef1b7dbaf649bef4f17.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5f0bd76e72ed7178e96803461c7c30254b2505ae102f06c57ab534de0d803913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:36 GMT
via: 1.1 varnish
age: 6068
x-cache: HIT
content-length: 124994
x-request-id: cf4f7e74-58ab-4de0-a123-3ced7d378407
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 12 Apr 2023 17:06:50 GMT
server: Fastly
etag: "4ff5499cd635bbd07bf878e9a8fd26c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 538

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
6ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=218489151916488&ev=Microdata&dl=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&rl=&if=false&ts=1681325376764&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ways%20To%20Give%22%2C%22meta%3Adescription%22%3A%22Support%20Boys%20%26%20Girls%20Clubs%20of%20America%20because%20every%20kid%20deserves%20a%20Great%20Future.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Ways%20To%20Give%22%2C%22og%3Adescription%22%3A%22Support%20Boys%20%26%20Girls%20Clubs%20of%20America%20because%20every%20kid%20deserves%20a%20Great%20Future.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fbgca.org%2F-%2Fmedia%2FImages%2FWaysToGive%2FWaysToGive_Pic1.ashx%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fbgca.org%2Fways-to-give%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.101&r=stable&ec=1&o=30&fbp=fb.1.1681325376224.1237103573&it=1681325376124&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Apr 2023 18:49:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 203 csp-report
q.stripe.com/ Frame 2651 43 B
213 B 1577ms
1210ms Other
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 12 Apr 2023 18:49:38 GMT
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
server: nginx
content-length: 43
expires: 0

POST csp-report
q.stripe.com/ Frame 2651 0
0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2651 631 B
468 B 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:36 GMT
via: 1.1 varnish
age: 12955487
x-cache: HIT
content-length: 332
x-request-id: 7618eb95-2331-408e-a44d-fdc911b1e2e4
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 486798

GET
H3 200 5522.a4e94ab38fc53ddeb3ff.js Show response
static.fundraiseup.com/ 12 KB
4 KB 18ms
18ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/5522.a4e94ab38fc53ddeb3ff.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3e9185e9e7de7a7305922fcef261f87ba5d7fb984485e4f5cf1504048d1b6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9ETW4MWC1ZNEJCTK
age: 203988
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: fwLZGELDr09EHs4MUDVO9IXFYcz6QrUMGNUAawz/q43n/jsnaqP32ObDuQsdP0kleMxAvtwQqV4=
last-modified: Mon, 10 Apr 2023 09:53:21 GMT
server: cloudflare
etag: W/"be6fb77b951e86df8cb4e2d043e98e7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toGoUMEboOe9B57nplJrFA8UYwkFyD%2BsYw8effEwyzOrGXyLN58fWo%2B3Vcta%2FAXSSnBOsuzR1Mh8P8pjI4%2BvLYuq0q3vZnRJ13oRAZMqLIUJYM5wLS5Bhoz9%2BdRf6THLUS3c%2BKHwhao%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6750e6e3606-FRA

GET
H3 200 8531.02c44ba8e627f654732b.js Show response
static.fundraiseup.com/ 106 KB
29 KB 27ms
27ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/8531.02c44ba8e627f654732b.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51fe8748fc11fbacd6794f728e890abd4a6b3df15d6d282f0d733f915ec7c31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C2MF8NBMFK6V935F
age: 2018239
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: gLWXdjEWQYyb7uBgBGeTg2xNXn8Z4D82l7ZRj5gYIzHjVibEjYJwMz+2eTmB2ix/JTQ1ghpdFkk=
last-modified: Mon, 20 Mar 2023 09:58:26 GMT
server: cloudflare
etag: W/"bb25caf41f5e1b6d412f7bed2aefb2de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GkXhGrpEzKHYvl5egYT6ixz8%2BgAnATPEMV6pkP6wzMtUQDgmrzrnfPiPIMYaHCXsHT4paylZupG6UxBbUVBcEzpKkrPmHYK3qTRAqycnsfIJ5KIcqrg89VQQ9S0ne0tpvTQiG54Khs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6750e713606-FRA

GET
H3 200 3881.b47f7c663762341d3acf.js Show response
static.fundraiseup.com/ 8 KB
4 KB 23ms
23ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3881.b47f7c663762341d3acf.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d4babde41db04eee4598374bfcf9b9447c40e3c8e88e7b76b865807e62d9ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 70BTG62VS87DW828
age: 735993
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 78NaLyg5uhQp+tl3n88LuTzonoSNAhcY4Oc5W2CKDSC9634l0J6EiYqyXvgOOVH9Ydj5FqC90zs=
last-modified: Tue, 31 Jan 2023 11:22:59 GMT
server: cloudflare
etag: W/"8f7d3db8bdf4cc0f4eb3a2017303955b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0OKa3xNLRdPc4wpwl27UiHADsXSar0y8FZ44Ho9LSh9%2FNnkf%2BQzd%2FFQBkq3TgQcDTfvMImLHfasagwwnxr2IV%2FoA9qxSwtwo9l8aGCktN0oE5M%2BvvbyQh3AfB7rw%2BQ0mr0BaiYX6Zc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6750e733606-FRA

GET
H3 200 8443.4b992d5b707f3adb3c42.js Show response
static.fundraiseup.com/ 3 KB
2 KB 18ms
18ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/8443.4b992d5b707f3adb3c42.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81acf92bc595059670c0c0c9b0686f8322278490b88d6d9ba8f694b5c7274b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 70BSAHNN0FN0XA87
age: 735993
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: m7ogz0iTU1mTALx6UqqUvZzUSGQlFNGx22eAIdPsL+o16T6tp63Z/qvSHgDCcx6q3nZSgS5Xyac=
last-modified: Tue, 31 Jan 2023 11:23:02 GMT
server: cloudflare
etag: W/"008e602d6756142696b0da6e2b8339e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZsmrE1TVj7U16LQk9R5XaV51%2BgWR7aBYh%2BO8OryiFBe4uggZYw22DgtCJxW0FpOnF4MvHY%2B3%2FzZ45%2FArfpyMBZsKJ1rCNgQk832bfjkAkkGTw90bIUEWgkWvxegIaGihxKkvpvdTtU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6750e773606-FRA

GET
H3 200 3344.df984ef7f56131651bb9.js Show response
static.fundraiseup.com/ 26 KB
7 KB 26ms
25ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3344.df984ef7f56131651bb9.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa3e1fc1ae03041412d4036a453d1b86fac3adbefae7fd5065535a6b71b19442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9ETWBAEWE58M8RBR
age: 203988
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: LVtpN3+wLr+BwOQ0ZNfoaKC9/K4W+rLYYusTkNHmkiCZof1cEZcklRGWLO7cY5lK83yDXxhLej8=
last-modified: Mon, 10 Apr 2023 09:53:17 GMT
server: cloudflare
etag: W/"017deb8470c7ff95641a54028c0ac1a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2S8NsOXQgJ%2F5H87QXkMoYwtigBHJ8XvA5Vajkj3nhzapJvO%2BxFBlrJ86Uf7aqmmq0YZjfkyDp3rjwiMu%2Fd4AYAca7XGOm6btkQZtG1XGLkZkIy2WwsG8Sz0o2lOFN08vDjtOrO8yotg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6751e8f3606-FRA

GET
H3 200 6595.4eb940ef55662746d011.js Show response
static.fundraiseup.com/ 62 KB
19 KB 38ms
35ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/6595.4eb940ef55662746d011.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0963455d15fe0d8135c83e908b7e01f546b388c0bbfaf55cfe6f20316a7cf279

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9E60V2TTSRM1JHC3
age: 1238481
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XvjD2Kd3P5q4oZzI2gNUL3XypEGVEAwyhn32to0b8ChQcvL8yAtvjHb5S6uWIXiS7vQ4RY7TaOs=
last-modified: Wed, 29 Mar 2023 10:34:19 GMT
server: cloudflare
etag: W/"7810ad90d03da7aca920f7cdb1521b3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxnf%2FUQWs9bGCz%2FE42ROd9xlWv2rsLiEGZhphjsZ2dDO1biuKIM4bgXDmpWm6ihlAhOfB%2Fk4tT9QBPW0Ky1e3hsp9bkzxCr%2BcFwhmClPFFm1%2F6ssW9kT2gqrbiE82f98sYFkLO%2BJLok%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6751e993606-FRA

GET
H3 200 7470.6d0c7eb5a896c7e9a5a3.js Show response
static.fundraiseup.com/ 25 KB
9 KB 25ms
23ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/7470.6d0c7eb5a896c7e9a5a3.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cc66c25fed318c86075748cff18f10625da5d734238a90e0efed1ca5ae71445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 55YRZ47GCJ800NC6
age: 32942
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: gyAEmXe+HtqdHX2ehg1KYxorBoeFFlJ+6SIs5+HdLOJXRLksV4nEKZFeWQK/CHdpMHIAlJMndFQ=
last-modified: Thu, 09 Feb 2023 09:19:46 GMT
server: cloudflare
etag: W/"05b32403174d5dd6ea7b17c452ba7bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrOTKsrsW8%2FvHzVDHhDobAymUp3AnYqPPdErzFajCu%2FnZl2AuyMfdFjpBXz9XvqgQg7fo0iN%2F9MPPmWcRmNUjcT6yyJZtEAwyOMAOJ3mVM4vQUcE9u5Y4uW6Xys2WZTfQAqRP0%2Fqf%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6751e9c3606-FRA

GET
H3 200 4172.1c0a66e3189eed1ebffd.js Show response
static.fundraiseup.com/ 18 KB
3 KB 35ms
32ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4172.1c0a66e3189eed1ebffd.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01014fb5bed5e21b7ae3ca6d476b9b24617c8b2077dd96fab4836697f1476e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 70BYB7EK2PTTXSKK
age: 735993
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: sxrL8hwQ0rrqW0LyTE2S9vRi/5uvvvAGktBAfOR1w1N2CfNyK3vk4EpGtqsFYYfYQ8DF2MD/uOA=
last-modified: Tue, 31 Jan 2023 11:23:00 GMT
server: cloudflare
etag: W/"440cb8c0adbc34dbdded50b143db1d9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzeBCd8MRoBVKKkVALqWocruayyXjYDuKcV9uOuicWT57d4Zdh8DQ4zOS9s1O4s%2BDWrStm1%2BlgFqD2vjVIPxwRiI6dYMEVzfAqnsUgQ9UWAU3WhG%2FFBHjan06Lxyqcys4T2Mb0WZOAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6751e9e3606-FRA

GET
H3 200 976.c54dd26be3ebe38e3e43.js Show response
static.fundraiseup.com/ 2 KB
2 KB 41ms
39ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/976.c54dd26be3ebe38e3e43.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c649ccd3175950a89a24ed7311398f799dcca41c2bbf89ca1adc8654755244a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Q501H4768QBZAR3H
age: 503311
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: PTrYjKyKajnwYLhEBaKd9TiROlGN/ng71dfgA6pg5YCfm+XX+QxTiaAo1hokN1YOgab17rdyse0=
last-modified: Fri, 03 Feb 2023 09:23:13 GMT
server: cloudflare
etag: W/"63accb066a48a4204e5ed4cce7fbf828"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qgJ5%2Bkh4btAYIEAyx4wQLCNy69S3xAPy7hKB8cCsqyhDX4uX4pCJ4EBdTIc1F3itRG6L%2B%2Fu2DN966H9MP4xK6JhwgRbqvokXdary8WgFivXgK0BrdePPYKxJAHW6xqp9BQX02Ceibc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6751ea13606-FRA

GET
H3 200 2752.4284489006e2ac725dd6.js Show response
static.fundraiseup.com/ 12 KB
5 KB 42ms
39ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2752.4284489006e2ac725dd6.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aa1a9952725346671b853a2a5846e28b0a65aa53a66b4cb4006436f56054d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9ETQJ6BPG2YJT4BY
age: 203988
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Ofn10sxMIYLzocqLw3Ek6zKogMZNqWTKZeT+WNVlhPV5jDP+WkVajNF4H2YGBNd556lSLT6N1Ns=
last-modified: Mon, 10 Apr 2023 09:53:15 GMT
server: cloudflare
etag: W/"536b9670b54f1ba41e039f816d1bf037"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HQp44thNEn9L472VuZ2bK5e5RZel6aSzioY%2BF8o2%2FogS7HC9sJ1w%2F9cRUxpmb5t5AEPXA4eXzT2XuBbxl5RV9J4k8r3iyaIm%2F6G8Wd9VqiOx3RKHAUXvN9RoAiqEBmL7kv8k4a7IeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6751ea43606-FRA

GET
H3 200 9389.d8af4aed03bcf036342c.js Show response
static.fundraiseup.com/ 11 KB
4 KB 22ms
19ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9389.d8af4aed03bcf036342c.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d989b47e54d68dc2799509c5bc25d088b260a1f2882fd882c36035c8a5983d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 55YR0YEBSGD9YRFM
age: 32942
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: drV57vZYW/by2orklfuaJtr0k0aVsKHki+VHnMfSNQX+RXxWjAsTRoohE9e+mbnsw/jQCdRWXKw=
last-modified: Thu, 09 Feb 2023 09:19:47 GMT
server: cloudflare
etag: W/"ce25da562222e84cb76da0374407755c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OhAyn%2B%2FzGf4nWcM8hhxHwBBo6ngYCV57oS4uNTD7GbhzMoZsJCbYggRIiSPIjB%2BpHpF3lYNFoefi5vOoDIahJqWGKCsAD6oqyLA3jLQk0zCE3OvaDNJ2InBN8UN90DJ2VUv3PXUGek%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6751ea53606-FRA

GET
H3 200 1307.18aa1853372a1507298d.js Show response
static.fundraiseup.com/ 15 KB
6 KB 35ms
30ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1307.18aa1853372a1507298d.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

192dde09bba7f25598a637ddd4bffea3640fd355ad5824c6df53bacc16d98bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9ETV7BDHZDPMCWHH
age: 203988
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: vhwv/t7zsXLBhikrL39zqC7aP+9btQ3OHsImBDkxaBvTqD2SA2Wk6QCSUhC1tcBMHfBT+SLnmkY=
last-modified: Mon, 10 Apr 2023 09:53:11 GMT
server: cloudflare
etag: W/"5708ab53f481f4d9b3da8417d041e5a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U58aOoGUcRQjs%2FDwM4SHJ%2FWYrCxcc8TGTTnK6Lf7Jnx6dXxtfmwUs1pQy%2Bhga%2F0RSGj0SIGnQLoTrwXlvzQ1ZYcRPnu4v1PFKqiRK6EiKwRcaHCOhwLzNOlW4nZoFyUurjoWTVoee7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6751eaa3606-FRA

GET
H3 200 5294.1b175f34885eecbfb891.js Show response
static.fundraiseup.com/ 7 KB
4 KB 42ms
38ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/5294.1b175f34885eecbfb891.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db95e7226c35cb93748ff48e5d41c1c1da39f91d5567fe97a1c96bcb51317609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C2MC6K9SJQPWHJRB
age: 2018239
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: sg2rgsEDfnZ1ZwCIkZvK/dzyBcedD+3iKH8lLhvpixkA71fX5rkBJRflZEBtAfmwm6H3JZ3UouI=
last-modified: Mon, 20 Mar 2023 09:58:24 GMT
server: cloudflare
etag: W/"a88246920146e03650c5257422774106"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncMEhC0n%2FdbZiitcW1DzDs%2BhGojouxDdiHV%2Fn0CGFN7M45DaKOdBl8KH%2FYB%2FWixvJ1zwRsV2KlAMOghSMkM65DkYa85wS1uQUGt06akDlWN8Wr4HCqFeEwPgf0H3%2BspMpVckLUoreTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6751eae3606-FRA

GET
H3 200 2100.4233818f221f04c18b91.js Show response
static.fundraiseup.com/ 17 KB
6 KB 43ms
38ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2100.4233818f221f04c18b91.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2321b0b4b86922c08bf69ae27a0e74d17ef5d8d0c1344e57485f8b940bd8e08a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3TECZ2BYM22YN265
age: 118249
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: dUqbwPiWVFRr0sj4O3vtz8ViXHIEO6CZQb6dKaivEXjb3tpJdahV2q/3TMTJpHUiIhfwQhohuTY=
last-modified: Tue, 11 Apr 2023 09:46:11 GMT
server: cloudflare
etag: W/"1017060005baf033c4a0a2d4f2b9c9ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9AqIBHwGR6otdKW74FnlR%2FMOy1VyOeoZrOfDPqcW2jkfDoxUEL9%2F%2FcwrNGUqFK9eQ8xNEiUd9oWY0WvCKk5j8zUgfeXaf2Q2oZ4gSD24fxE40U0EGtT3ZvWF83q7Ost%2FuK093dpHoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6751eb23606-FRA

GET
H3 200 5651.0ed0f66d301f83bd963c.js Show response
static.fundraiseup.com/ 12 KB
6 KB 32ms
28ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/5651.0ed0f66d301f83bd963c.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44b60494a2e29c2e5a727c75ec5ba6236e458bbd522acf0d300dccbe84fc65d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C2M1RCRM9CV8QP81
age: 2018239
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: lk06XxD10E7bxWRAmBWv2u3U2mL0pYSSZjt/efLymyHE1Vh7yW/mcdT/fIAd/vupWEYNc/Pd24Q=
last-modified: Mon, 20 Mar 2023 09:58:25 GMT
server: cloudflare
etag: W/"ec37fe0c4ce78f81954a777d489e7858"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33418%2B5iUW%2Fs%2FjzX%2BIrcgxMbROTrXPE2q0MtyG568u%2BzG8Fs6PesVElz%2BBVZYy9ZxhdwCVoTnreEi5vwKjk9BPg3oegfOCeItCaX%2FsT88zjF%2FoBDhFKfnqeZvvH%2FY6ceFaT0pJt2iCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6751eb53606-FRA

GET
H3 200 4531.9baf4f0084ef6483bd45.js Show response
static.fundraiseup.com/ 10 KB
4 KB 43ms
37ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4531.9baf4f0084ef6483bd45.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6bba823ed703b337012037bdb862a7a1e09fcb30c2c89840f661790bff56950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1NRP5NR5CC6NRM1N
age: 1586412
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: fm/+u3QJAyBVP45kUgj1TiYL1oocSgquiIvrtB3HucUCqTgLjBDZomuGB1kayeaFTVcp1GQrbis=
last-modified: Wed, 22 Feb 2023 09:46:19 GMT
server: cloudflare
etag: W/"b474dddc164c2d3e3be8d529c6ff9da4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MS7RNbNXapMxWr4woEN1LKGaLcRWJX%2BgC9LY3zvI7X1hi6o%2BLTEf9io1TR%2FjEbUsESeOddHNNgwTg2kcl64htVB4QJMroiqlbgxZEivshoUllzjypWScTtep58DzZK%2B58Z0kcg%2FQqL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6752ec03606-FRA

GET
H3 200 6658.f58a931f5dd663f24177.js Show response
static.fundraiseup.com/ 17 KB
5 KB 36ms
31ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/6658.f58a931f5dd663f24177.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa56f8ad590e2a9551421a208b7d94046e36bc736720428f94ab514899e0f8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2S1RVBNCNVMT1K4F
age: 1155961
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 12xkscbqW/bAYhuHvUVLJV0rSQ+pAyg7N+PxSzuyGQL1tB7hON8m5q+SWtqfF9xRcYwndrZm/o0=
last-modified: Mon, 27 Feb 2023 09:30:25 GMT
server: cloudflare
etag: W/"b3d087000f5a2d8eb973db3cf9b64294"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bl8OOxrE6lKmtccsExFxpOKfHN8hJVLrU97PL5uTobFeoN4jENOl%2FHPjp7J71MZzn0Godiv6Of5VBdDZ9ybL3vIz7ho4nRmy1rOVRiUMZi8eMOKQfhmfEGnJmGVcfFwSEOvVb%2BpWKeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6752ec13606-FRA

GET
H3 200 3646.ddd5d46a9cfb6848e9d7.js Show response
static.fundraiseup.com/ 16 KB
6 KB 54ms
49ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3646.ddd5d46a9cfb6848e9d7.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f16687d84bbf3901d8079cdb3825fc704ee78c0ac262ed489a85757e55b20ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BPZQ8VW17HKQFFJV
age: 460421
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: wL8rVSZx1aCJcX34PMI7Lcg8tqpqu552RM7s1+ttBUKGtLWyF5I23rZy1gPCWbIubn4N6iC8w0g=
last-modified: Fri, 07 Apr 2023 10:44:25 GMT
server: cloudflare
etag: W/"26c79f6c713de6e2f3950e29ab1d58e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FywAc99q%2FN3xyjNM1MyXeIo7yvCUNJ7V0Xq9di1Ibem%2FNFYr3N%2FhjRT3OVV5TziS0sd%2FxNWXQU0YJ26%2BhYiYTCklB7w%2Bj8GMvlqaegk7nrUxeNK34D4cxNhLIJ7RkwtFyqvy7nDvaPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6752ec53606-FRA

GET
H3 200 3105.f8fce0dbc7740e3decdd.js Show response
static.fundraiseup.com/ 15 KB
6 KB 43ms
37ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3105.f8fce0dbc7740e3decdd.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e4939e40a2f29678b84e180b0be2ecde0fd0d35cf5f000b7ea028c787266cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XJJC6EG4RR8CWFBZ
age: 886827
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 31xtLuqjJtUVXeh+uQ6C988Fqi3Ogohtp4WKKnI6HatOiIkS3ye69y2eNh0u6Gibw6szyZLljbU=
last-modified: Thu, 02 Mar 2023 12:15:21 GMT
server: cloudflare
etag: W/"cc06a51e3d15d57dc22c026008e6d4b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abybfxeMrkmp13dl5sRICS7exiCrw13i18pQD1M6BbIR%2BQWDnILonU25BTtJIqnM42SaowtFCrGyVrppZ8eD1hpIQXHoZtooFBUvAiRmmROpWZrPwiNaJFUXKAhqcfyQVkixXVBhGTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6752ec93606-FRA

GET
H3 200 3092.72844b32a4cb6d4dfe85.js Show response
static.fundraiseup.com/ 8 KB
3 KB 45ms
39ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3092.72844b32a4cb6d4dfe85.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12fc0481cb87c7cf88fb62d0c6d057eab4015ed665472864e92b9227c2d801d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C2MBVBJW32MQH64Z
age: 2018239
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: FkwrQLrRkLn5akPj0Vh042gwJHsFm+W5X+LU1NTDoYefYzqbEWECKtRq++03WjmE9FPLH25hz8g=
last-modified: Mon, 20 Mar 2023 09:58:20 GMT
server: cloudflare
etag: W/"f20304066880edb48ea7121f233510ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XC8GFphWozuRHW5K8T8yoU0Yr8RSE%2Bh8sE%2BdLtKHrjLZLt7kmUp1fuNxOhzayGT1tagAhrHYiC%2FQwyFaNxZnAI7X0UCZ9X7%2BzIdbBRpwOTFMttCmmurdfsqlH%2Fb5gu0PGb7pwQXA7aE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6752ece3606-FRA

GET
H3 200 9927.713a6d119ecf33dbbd3f.js Show response
static.fundraiseup.com/ 24 KB
8 KB 45ms
40ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9927.713a6d119ecf33dbbd3f.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afc9799bf086d2013803fd1746c57d23d772017f06c83708e482b4a2c200822b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 55YKHKXCSXXX2MZK
age: 32942
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5PaGLXfUA8FMKD5f+akmsCV89/AeWCsxA5zgtpPA9IUUJgb1gNU2mZriEhALCN5KozQDMOsaIkU=
last-modified: Thu, 09 Feb 2023 09:19:47 GMT
server: cloudflare
etag: W/"62f77c4668a441cceeb735350e32e9cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nrmwPG%2BHl1EaZVwlCs0x%2F4F6Rd%2FMFt0qV0EyE7EauEeub%2FpHMm4%2BLvWJeH32%2F1Mx%2BnmlVcr09aJeJaeP8InXE7gDXSLZW%2F%2BzQxIYvyNIMQ8DSSadEzVTCEbl%2ByjPkKvboaLL1xnBBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6752ed23606-FRA

GET
H3 200 939.d7b59eba98b080c7f5b2.js Show response
static.fundraiseup.com/ 17 KB
6 KB 53ms
48ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/939.d7b59eba98b080c7f5b2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50f11135d4c98928f91c369d0c99a94e4b5871f6f6db43e39201a6f3cce65a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9ETQPCBE2F0AR9N4
age: 203988
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: fYomGI6hskGhSYy5NMq3zL2H4CA1pZfVncKZgkzJ7IEZQR9shyZC1ehpkHYGzTlPghmgMYvY9VE=
last-modified: Mon, 10 Apr 2023 09:53:23 GMT
server: cloudflare
etag: W/"b748b0a60b535cebc4cbaca5de822223"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BypKEZEiKJ7Gcwmuq737mIOkKMHGs0H8AQZLmbZcAMnZdoPUZJkbZWSH%2Fy7XxBdnoP4h21mTgyBBag7sc72PoYFr41vVox%2BrElhTQv7C5m%2BogyjezMoMguwyzxn0FHxS8CXRkcbcMA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6752ed53606-FRA

GET
H3 200 1178.48a23983cd6252393d27.js Show response
static.fundraiseup.com/ 21 KB
6 KB 49ms
44ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1178.48a23983cd6252393d27.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11a17cdb21234eea3e0fe8a5da355f596f8332f29b20bdcb346707516abd21da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9ETKW7EWMCR86SR3
age: 203988
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: DLJF73srWFgZwHI6Vpnwf7CHqXKwWefCLmWK06khKIaEjkKDN+aH99WtbQaAOTpvblX8D8tIqlY=
last-modified: Mon, 10 Apr 2023 09:53:10 GMT
server: cloudflare
etag: W/"c769bd78acea9d9f87a046b37c7a139e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8ygmEODOCtO7L7f7E6r%2BH2wk81TfI0BrMoIk5og4SrspLzN9b3OCLy2xnlZNgi%2FotlOGcrsj8PnmhwVzg250F8pMdQx8rd6RIXM9bTW2McKr7%2BELth%2B2H%2Bu3fWqwmWk58wsNMS7iBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6752ed73606-FRA

GET
H3 200 3313.99d81e8fdca5342dbbac.js Show response
static.fundraiseup.com/ 24 KB
7 KB 50ms
44ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3313.99d81e8fdca5342dbbac.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6104004035bc73f193363f4fe3f77160ec3e7d49d5774426235d727b29270e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BJYWQQGC1N2RKB91
age: 1064484
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: kl0QbzBVnszPIKuFjmrUMEyB8NBeeWNGL0j0a6vK5MfaQ2A4BTBM4hz1Qds9Uy5OJjEtb/ySBuM=
last-modified: Fri, 31 Mar 2023 10:55:18 GMT
server: cloudflare
etag: W/"92ed4432d9b4720b6be770463f4bb193"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rGDfZRPsTyYJbdFjYx%2Fo1w%2FE%2BjStOjex%2FwF9QPlVUb2wKRcWEoy3dyDmoFzHOeUAM6rDd67CFhyoaAJL3S1oN1LbynFLqRbnjUyy%2FGgM1%2BnXHTLNZ1N8tFuBTeCtzvDjM%2FI%2BahhCBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6752edb3606-FRA

GET
H3 200 617.b6c7ec5e120788005108.js Show response
static.fundraiseup.com/ 8 KB
3 KB 50ms
44ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/617.b6c7ec5e120788005108.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acc5290164b4f690b6ffecbd6b02084541a4c2056828e16ebee3d585410a3b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7VCV43QVDH4DYZ8H
age: 1760577
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: aQANyg0pdBXMwDxJT2x3MqAvPYbKBWxH1XDJLJGOEHpZxgvzjgYgTjiYsllRzlFQPVy28tcHeuc=
last-modified: Mon, 20 Feb 2023 09:32:25 GMT
server: cloudflare
etag: W/"0f1bb3c0935ee0dd8101f3b6e15149e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zyZLNFjTz85Hok4ib32v%2BhtvB9LCqZ%2BEazWghm3sGwqsVZsBeaxHvcWgEG3a%2FTwjMSsIOWkZb%2Fx%2BCxaZql%2BRXNPxw4yBR%2BoQzV9hXxfsaAqykSzS7BrzUfLBMC1j2H%2FdPj%2F8rQEzmU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6752edc3606-FRA

GET
H3 200 4957.cba9a26234d80954b6c9.js Show response
static.fundraiseup.com/ 17 KB
6 KB 50ms
45ms Script
text/javascript 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4957.cba9a26234d80954b6c9.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff26da48ed878195ca3797be1205e10c8489084ac016512b2bfa5941f7a9363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3TE7B9FX4BCEQS7H
age: 118249
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: jlZckOsAzuTjFdhOKVLBU1ybrAue/kCB/6LPipxzr9cEK10k50CZIBKPF3kUTemVCNZQwMAurcY=
last-modified: Tue, 11 Apr 2023 09:46:19 GMT
server: cloudflare
etag: W/"06e4824fc58f0006abd39d4185771063"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voHfeXHQ3ihgkQ%2BdGa2L%2Fo5qMU52RvMgzMaQwQbSGvLYbqa3uONLXER%2Bc7m3tvdsQFEQvlaqN%2FaEKYz5o7Za6k3qilYEO19DUhsxht%2BSOAablM8ZIzgtlygLmXlHfHGpPiryHlbsfM4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7b6da6752ede3606-FRA

GET
H2 200 /
ucarecdn.com/40da1f6b-cd21-4892-948f-df000aeef9c6/-/resize/470x/-/format/auto/ Frame 429F 18 KB
18 KB 182ms
96ms Image
image/webp 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/40da1f6b-cd21-4892-948f-df000aeef9c6/-/resize/470x/-/format/auto/
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Uploadcare /
Resource Hash: bbee68a53e3ff4a0e042a78844d680869b3c959b5be2684d1e264b2c87ec2209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
x-image-width: 470
server: Uploadcare
etag: "cf989afc0631cb3d71e6492588a7de49"
vary: accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=31463449
content-disposition: inline
x-image-height: 263
content-length: 17978

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame 429F 56 KB
56 KB 444ms
440ms Font
application/octet-stream 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bgca.org/
Origin: https://bgca.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3F7T2F2N5K927Z0G
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56996
x-amz-id-2: cMlF3UsYHQJYCW7gyX3MCg67W+1mjx3PMz/9+lqLzOWkOaNW4sXU1gvAaxFTiPQZk6Yg5Qs0J2Y=
last-modified: Wed, 12 Apr 2023 14:57:26 GMT
server: cloudflare
etag: "643ad5d92cd7c31076790077c3003abc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdmNXiOySXJ4G6mFFAa%2FCbtUoJBdccHyS0LiPcM3i6R6sDDZC%2BNwOqEV45ZTCNP%2Fv3OcBiCbFEOH4Z3QH6HdUHBLkVLz9gOLfBfVI5bohoezWEKM63Z8uhpZSjSRMXv1ZaKqRTCdqA4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7b6da6752f273609-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame 429F 52 KB
53 KB 427ms
423ms Font
application/octet-stream 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bgca.org/
Origin: https://bgca.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3F7HJDN84H0EFMEF
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53064
x-amz-id-2: 0gzhj6cQLIVLPJJykSp/CHOx8zjwmNvJLgMgM8BTbP3Qgs9QornULriS87PgJrdDZdX7aX/gmB0=
last-modified: Wed, 12 Apr 2023 14:57:27 GMT
server: cloudflare
etag: "c9e466876957e9d2128f63b225a81ae3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAi9QCVNR8NvW%2BVMih6V3SBZr0WISPgAr%2F7Y0hs6PertOBK6cH%2FP4whpU3IooazB8PabnwQVkUFA7LEu44GcJhy84yxk946sgnieJRnuXqUFqZ8H4FeibOuNekKdGWmbTjo9IN4ll3g%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7b6da6752f293609-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-700.a858bab2f594ef47e251.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame 429F 52 KB
53 KB 411ms
407ms Font
application/octet-stream 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-700.a858bab2f594ef47e251.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36fc9410b3f02fdce5060168717a2182c1275ba8f116f257661b6deaa2851ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bgca.org/
Origin: https://bgca.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3F7ZAD79RRTDXFVE
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53024
x-amz-id-2: 6DWsNwuXDg4EalPChTXlt1ZUA8HomHDKtVA0QogUYhWVnIRB+oEwzqDeJZbNRbgkz8CP1TmFl7v1IqA4ddYaXQ==
last-modified: Wed, 12 Apr 2023 14:57:26 GMT
server: cloudflare
etag: "d6502c623b1b74dce94988d329d4f4b7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YlJvOvkCje30frE%2BpxbMOJ%2B2v6ZFc6Kj4AjKxzvkL3Fw0HVFG%2FeEpdx%2BSgFpDcpLqS%2BQqPVjmxyVpFshEqVbarCLkZPIlgjdLgN%2FpFMfC3BXvYnbcZDzxyumvwQVefWfKZlhrWJm3w%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7b6da6752f2c3609-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-700italic.c1ca7861fd408c55b05d.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame 429F 55 KB
56 KB 396ms
391ms Font
application/octet-stream 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-700italic.c1ca7861fd408c55b05d.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac0eed0925278f6e9e12505feb97e74e706ce28dafbf9a5463ecdfa2d532a5f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bgca.org/
Origin: https://bgca.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3F7Y806AGW0A9AZ5
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56724
x-amz-id-2: FVxmFFVmjfS8d4gNH5i5DWur+UCjmuCJvcXjgW6sQr0pL3rAa4rmMw8jfXZZ+Y2sBPpfZVmB6WVo8ugpceLPyQ==
last-modified: Wed, 12 Apr 2023 14:57:26 GMT
server: cloudflare
etag: "9842fc10b668d97ed9139e6e3ac142ed"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZWPGbNdtDRMaPQVxY6hMeW191XRO8Yfu7WDuVL%2FeZ1%2F1VYXAIriWeTG3TGXBm9iXBA6b%2FcdZkdr%2FE65QxYbV49Yq8JQRUetPr5ezgZL7OVHCab9BHGnOxxV4TKrV7Ni2KqeNubG%2BZ8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7b6da6752f2d3609-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-italic.ae0df2d584fc405fdb31.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame 429F 56 KB
57 KB 435ms
433ms Font
application/octet-stream 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-italic.ae0df2d584fc405fdb31.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8bbd0e370f267b7ddac733af065cdd842db5a483cd28174c7f200fcf3a05c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bgca.org/
Origin: https://bgca.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EPZ2QE4KGGH7A5DC
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57496
x-amz-id-2: JaZoTMPxINNrvs8VDjEKa2LRT7T5sGimY6lA/Lmowvz7xKILkMO4Ucz/iZSuJufiNaupD5H3Vhc=
last-modified: Wed, 12 Apr 2023 14:57:26 GMT
server: cloudflare
etag: "47b46a92570d2413396ad4df0512b020"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaDxx7RMQP0V%2FPVAsmQlqHHE8w3cKKXamV8W18QLecOlB6g1Odgatr6718fxkblEOvVWXikHf0cJiQD8Hp1NOmOpRZQprjoM3y3yxDdfvJMtZvLi7evMNiN84dqVDkXEHee%2BX8nZh7s%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7b6da6753f343609-FRA

GET
H2 200 /
ucarecdn.com/47194fb1-f196-4bc2-90d5-267df7d1092b/-/resize/x50/-/format/auto/ Frame 429F 4 KB
4 KB 158ms
95ms Image
image/webp 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/47194fb1-f196-4bc2-90d5-267df7d1092b/-/resize/x50/-/format/auto/
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Uploadcare /
Resource Hash: 1c08301de637568359663263d80c1a73f053c83ceadcee9b591367bb35e203ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:36 GMT
x-image-width: 211
server: Uploadcare
etag: "0c0df3c6ca0f8036d40ad5f7b9e9c006"
vary: accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=29835487
content-disposition: inline
x-image-height: 50
content-length: 3660

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame 429F 13 KB
6 KB 10ms
10ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=bgca.org&t=xo&v=5.0.362&source=payments_sdk&mrid=5K24XTFT6SEE8&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=5K24XTFT6SEE8&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1bd1099e311a35983116e7e940f720491094569524f6927991d57abf3416b016

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ngO+jHIoZ7MBk4CiNg6JGEp+SeTtBoCEXfN6nzB4+VO0HZ/i' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ngO+jHIoZ7MBk4CiNg6JGEp+SeTtBoCEXfN6nzB4+VO0HZ/i' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:36 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 26859
x-cache: HIT, HIT
paypal-debug-id: f383006ac0ea9
server-timing: "traceparent;desc="00-0000000000000000000f383006ac0ea9-182f96adbc0d9d57-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4743
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220055-HHN, cache-fra-eddf8230071-FRA
traceparent: 00-0000000000000000000f383006ac0ea9-e902b2a342941d9e-01
x-timer: S1681325377.881862,VS0,VE2
etag: W/"3532-hN/u9ZYnZCDohPdvEJ2WyonDo6M"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 204 0
bat.bing.com/action/ 0
121 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26263994&tm=gtm002&Ver=2&mid=cce3716d-bb9f-4707-b183-ec1250bff8d7&sid=c57ee7d0d96211eda2470d08ccdb74ad&vid=c57f0d80d96211ed9105c10ecefacbd4&vids=0&msclkid=N&ec=Fundraise%20Up&gc=USD&tpp=1&ea=begin_checkout&en=Y&sw=1600&sh=1200&sc=24&evt=custom&rn=807794

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Apr 2023 18:49:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DAC454E3A8D7458D88F6E629EE87CB3E Ref B: FRAEDGE1317 Ref C: 2023-04-12T18:49:36Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame 429F 55 KB
56 KB 405ms
404ms Font
application/octet-stream 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bgca.org/
Origin: https://bgca.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: EPZE55RCSXY6HW8P
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56460
x-amz-id-2: n3CfbRW7q7to/AiPS8aC++dzyglDU1wnXz+qf7NsC7IlVFrdUO9FjopVxscc3bDGJVsTY7YSY6zhHAfxdlGI5Q==
last-modified: Wed, 12 Apr 2023 14:57:26 GMT
server: cloudflare
etag: "cc65a7d46bec1bcadfd3a27d571765f5"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0pLoRw1bpJub64LG9liGgOYxOgxB%2BG%2BAGCotJXbEABKIJsXYHK26LVT42qPGl%2Bol0WlyLtAR%2B21tkrh8HO5nRf8IM2mxFpwbDGie2jWq9as5UgRR2lbuvz13pSOKFo0UIpbniB07wo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7b6da675bffe3609-FRA

GET
H2 200 inner.html Show response
m.stripe.network/ Frame AC33 930 B
1 KB 20ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 131
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 18:49:36 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 117
x-content-type-options: nosniff
x-request-id: c6e2825e-7904-4247-9793-7f193c37e01e
x-served-by: cache-fra-eddf8230111-FRA
x-timer: S1681325377.952966,VS0,VE0

POST
H2 200 tb
fndrsp.net/ 2 B
288 B 189ms
185ms Ping
text/plain 172.64.129.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ALGMTNTC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.129.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXXrEmZcn2K8iCsS8c%2B0YDuqXQ%2FD%2FO7wNrxbpww1KxvBKmzI2JczVl%2Fb1e3Ac2ahoPA%2FKMj1%2BOsSvZeVGt03HDySHWbSUYcorC1FbnRJq8vw4BIZ4XTW4d4MqPWg"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bgca.org
access-control-allow-credentials: true
cf-ray: 7b6da675dc6337eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2023-04-06/locales/ 468 B
882 B 39ms
13ms XHR
application/json 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-04-06/locales/en-US.json
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/6873.680371e07b176774d33d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f50b9bf1a91f14edd5986100acdc7aa27b867f8b7539d11aac594c8469792b09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 12 Apr 2023 18:49:36 GMT
via: 1.1 131c765a25a20275f6d8dc2fce7692e6.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BUD50-C1
age: 49
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 535157
x-77-nzt: AcO1rgVEWo7/dSoIAA
x-accel-expires: @1706710219
last-modified: Thu, 06 Apr 2023 14:06:54 GMT
server: CDN77-Turbo
etag: W/"ae2d00e3f5dbecf4eb4c641c591a6154"
x-77-nzt-ray: 25b021315ef2a61e40fd3664ec5a723a
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: enzqAG73wAQbblHq9yo2h6Hvuz_YBmln9nMBUwJCcEjvBIl5_GqS0A==

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 429F 1016 B
2 KB 436ms
435ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

067d089951c4b7849dc363030fe0a0f41495709b2a7496a5c10d13eeb56a55f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f841586daedf8
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220063-HHN, cache-fra-eddf8230082-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f841586daedf8-0d3a41bbc0bf01d0-01
x-timer: S1681325377.191352,VS0,VE413
etag: W/"3f8-Iym1zXGNANbQDoCb6Z9HiDAr0uY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bgca.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 238ms
222ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bgca.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://bgca.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 12 Apr 2023 18:49:37 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f841586b99047
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f841586b99047-226d4e87166c6a01-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220031-HHN, cache-fra-eddf8230082-FRA
x-timer: S1681325377.965986,VS0,VE214

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 9A16 474 B
611 B 26ms
9ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e2ac51b2f54f5d47da9da461a38233c15951ad4533ca10b40d7afe9e8139714e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: ec20baf7-5b62-4002-8535-0f90f349a33f
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Wed, 12 Apr 2023 17:46:36 GMT
server: Fastly
etag: "6e264cdc1c4cca33b824eaa022c61039"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

POST csp-report
q.stripe.com/ Frame AC33 0
0

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ Frame 429F 55 KB
17 KB 103ms
41ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=bgca.org&t=xo&v=5.0.362&source=payments_sdk&mrid=5K24XTFT6SEE8&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&vault=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48DA) /

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 3b49397597f31
dc: ccg11-origin-www-1.paypal.com
content-length: 16464
last-modified: Tue, 03 May 2022 17:28:29 GMT
server: ECAcc (ama/48DA)
traceparent: 00-00000000000000000003b49397597f31-c89c33ad984d7862-01
etag: "6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 12 Apr 2023 19:49:37 GMT

GET
H2 200 ts
t.paypal.com/ Frame 429F 42 B
740 B 211ms
160ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A5K24XTFT6SEE8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A5K24XTFT6SEE8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=f4ccbc63-2c08-4aa8-ad13-4f725883e449&fltp=analytics&mrid=5K24XTFT6SEE8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1681325377018&g=0&completeurl=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&ru=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/3592) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/3592)
traceparent: 00-00000000000000000008d55965e56a05-667fc0c5164adbf2-01
content-type: image/gif
paypal-debug-id: 8d55965e56a05
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Wed, 12 Apr 2023 18:49:37 GMT

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame AC33 86 KB
16 KB 8ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 12 Apr 2023 18:49:37 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 272
x-cache: HIT
content-length: 16031
x-request-id: a88b957c-2a64-4091-8c48-e7d7077a9751
x-served-by: cache-fra-eddf8230111-FRA
server: Fastly
x-timer: S1681325377.036989,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 218

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/85046614-f79e-4135-aa46-f10361434581/ 615 KB
132 KB 45ms
45ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/85046614-f79e-4135-aa46-f10361434581/user.js?cb=638164950787936148
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/85046614-f79e-4135-aa46-f10361434581/lightbox.js?mb=1681325376624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80dfd2eab9f4efcdadf832eea3c62b0fb48b1d864b95639c8c42e7572495ae0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Apr 2023 18:49:37 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: GiDVtskb3OnfW9jusxnC0g==
age: 419823
cf-polished: origSize=1047907
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 20 Jan 2021 18:58:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 5c8537b5-201e-0037-059e-69b49f000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 7b6da6769eab2c35-FRA
expires: Thu, 11 Apr 2024 18:49:37 GMT

GET
H2 200 controller-4e4663227a7434a38009e2b0047bf2ee.html Show response
js.stripe.com/v3/ Frame 9CA9 325 B
788 B 10ms
10ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

76f0ee0adf326bdc25aa3ce3fee554bbfb065f07510cd6d78370d124c79835d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bgca.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 18
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 18:49:37 GMT
etag: "4e4663227a7434a38009e2b0047bf2ee"
last-modified: Wed, 12 Apr 2023 17:06:41 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 5
x-content-type-options: nosniff
x-request-id: 21ba9179-7b57-42aa-91d9-43598a34fe61
x-served-by: cache-fra-eddf8230111-FRA

GET
H2 200 elements-inner-card-24c32716f89ed77fa00114384ac77591.html Show response
js.stripe.com/v3/ Frame D421 798 B
1 KB 9ms
8ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

30c9bc266ab826829ac842daa55ff0ed0cc57d094225407cf26ff75040720ee5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bgca.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5971
cache-control: max-age=31536000
content-encoding: br
content-length: 363
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 18:49:37 GMT
etag: "24c32716f89ed77fa00114384ac77591"
last-modified: Wed, 12 Apr 2023 17:06:41 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 176
x-content-type-options: nosniff
x-request-id: 040caea4-65dd-4819-89c5-b252230fec7d
x-served-by: cache-fra-eddf8230111-FRA

GET
H2 200 elements-inner-card-24c32716f89ed77fa00114384ac77591.html Show response
js.stripe.com/v3/ Frame 70E2 798 B
442 B 18ms
18ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

30c9bc266ab826829ac842daa55ff0ed0cc57d094225407cf26ff75040720ee5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bgca.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5971
cache-control: max-age=31536000
content-encoding: br
content-length: 363
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 18:49:37 GMT
etag: "24c32716f89ed77fa00114384ac77591"
last-modified: Wed, 12 Apr 2023 17:06:41 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 177
x-content-type-options: nosniff
x-request-id: d1a68096-3867-4d9e-bbcd-b40ca2f97343
x-served-by: cache-fra-eddf8230111-FRA

GET
H2 200 elements-inner-card-24c32716f89ed77fa00114384ac77591.html Show response
js.stripe.com/v3/ Frame F542 798 B
527 B 17ms
17ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

30c9bc266ab826829ac842daa55ff0ed0cc57d094225407cf26ff75040720ee5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bgca.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5971
cache-control: max-age=31536000
content-encoding: br
content-length: 363
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 18:49:37 GMT
etag: "24c32716f89ed77fa00114384ac77591"
last-modified: Wed, 12 Apr 2023 17:06:41 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 178
x-content-type-options: nosniff
x-request-id: dfd551ab-84a7-4560-9f3c-139e1bd9d591
x-served-by: cache-fra-eddf8230111-FRA

GET
H2 200 elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html Show response
js.stripe.com/v3/ Frame 079D 820 B
587 B 49ms
47ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

18d4d42e3d0c57090d0a859c147d8d138628336d0be560ed3d62c2b1f328dc91

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bgca.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 4562
cache-control: max-age=31536000
content-encoding: br
content-length: 371
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 18:49:37 GMT
etag: "6158a5c474b4220ed871f45fa5aa1edc"
last-modified: Wed, 12 Apr 2023 17:06:41 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: b2db1bee-2226-4a5a-9177-3ef3e8e14ac0
x-served-by: cache-fra-eddf8230111-FRA

GET
H2 200 elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html Show response
js.stripe.com/v3/ Frame BC39 798 B
469 B 43ms
43ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c9f6eccb1eec474166058e27143b83b6b525d7f84f3ef27415994357cf81ca80

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bgca.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5363
cache-control: max-age=31536000
content-encoding: br
content-length: 362
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 18:49:37 GMT
etag: "5df8dcf92c7a7c32278d95fa60acbfeb"
last-modified: Wed, 12 Apr 2023 17:06:41 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: 533cf5c9-5975-4a72-8814-c6128b614864
x-served-by: cache-fra-eddf8230111-FRA

POST
H2 200 0 Show response
r.stripe.com/ Frame 9A16 0
273 B 357ms
328ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377397739
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377397378
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9A16 0
273 B 356ms
327ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377397434
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377397522
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9A16 0
273 B 351ms
332ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377398352
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1681325377397719
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9A16 0
273 B 348ms
330ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377398281
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377397562
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9A16 0
273 B 346ms
330ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377398084
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1681325377397432
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9A16 0
274 B 342ms
326ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377397621
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377397427
access-control-allow-credentials: true
content-length: 0

POST csp-report
q.stripe.com/ Frame 9CA9 0
0

GET
H2 200 shared-8f0efe81f6283029ec47a17eef507ceb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9CA9 404 KB
97 KB 24ms
11ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a958b3f616d681c715832cae2452bdf2c48b11d68c93f21ca7c513f1289b557a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 6069
x-cache: HIT
content-length: 99230
x-request-id: 01b672e8-1d9b-45fd-bbd8-21c10b6af33d
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 12 Apr 2023 17:06:52 GMT
server: Fastly
etag: "8b8b4f9d8ae838147627b04117051f4c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 564

GET
H2 200 controller-caf09a8de84ceef1b7dbaf649bef4f17.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9CA9 446 KB
122 KB 22ms
9ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-caf09a8de84ceef1b7dbaf649bef4f17.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5f0bd76e72ed7178e96803461c7c30254b2505ae102f06c57ab534de0d803913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 6069
x-cache: HIT
content-length: 124994
x-request-id: 300540cf-455a-449d-a3e6-11f9bc9e7880
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 12 Apr 2023 17:06:50 GMT
server: Fastly
etag: "4ff5499cd635bbd07bf878e9a8fd26c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 539

POST csp-report
q.stripe.com/ Frame D421 0
0

GET
H2 200 shared-8f0efe81f6283029ec47a17eef507ceb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D421 404 KB
97 KB 22ms
10ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a958b3f616d681c715832cae2452bdf2c48b11d68c93f21ca7c513f1289b557a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 6069
x-cache: HIT
content-length: 99230
x-request-id: ad5e2ec0-e195-45ae-b32c-35490512d6d1
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 12 Apr 2023 17:06:52 GMT
server: Fastly
etag: "8b8b4f9d8ae838147627b04117051f4c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 563

GET
H2 200 ui-shared-96f863232c659e13fad47b29295c05e8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D421 280 KB
88 KB 21ms
9ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-96f863232c659e13fad47b29295c05e8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a1639f5665472e8f062923d3ff20b0de33a49fa33f0c7fdbd90d949b016ec240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 74710
x-cache: HIT
content-length: 89983
x-request-id: 9d72f5e4-b2b6-40fa-b1e9-60de4e87a9e2
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Tue, 11 Apr 2023 22:02:22 GMT
server: Fastly
etag: "994ef3f2da0e9f2312b3dfdc563c81ce"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2042

GET
H2 200 elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D421 50 KB
13 KB 25ms
25ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d6ca03fd3627bff282ed519cf48dd2fdd5a88d29ee2176d4de3bfb61be54c2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 438226
x-cache: HIT
content-length: 13588
x-request-id: d3cbcb82-2985-494f-afff-0ebeeec655de
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 07 Apr 2023 17:03:19 GMT
server: Fastly
etag: "9c8911dcca80e60a94b3a9f397685e7d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7546

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame D421 19 KB
3 KB 19ms
8ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 1734331
x-cache: HIT
content-length: 3195
x-request-id: 951747f8-9cad-4395-88d9-5f603402eee8
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 36087

GET
H2 200 elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css
js.stripe.com/v3/fingerprinted/css/ Frame D421 10 KB
2 KB 22ms
11ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 438226
x-cache: HIT
content-length: 1614
x-request-id: 27dfeeca-fbf6-46f6-9123-62db4fe6622f
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 07 Apr 2023 17:03:11 GMT
server: Fastly
etag: "26f037181250b55faed2d329facbb2fb"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7418

POST csp-report
q.stripe.com/ Frame 70E2 0
0

GET
H2 200 shared-8f0efe81f6283029ec47a17eef507ceb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 70E2 404 KB
97 KB 20ms
10ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a958b3f616d681c715832cae2452bdf2c48b11d68c93f21ca7c513f1289b557a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 6069
x-cache: HIT
content-length: 99230
x-request-id: c9656707-7b57-4872-95c3-40061cf95e0c
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 12 Apr 2023 17:06:52 GMT
server: Fastly
etag: "8b8b4f9d8ae838147627b04117051f4c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 563

GET
H2 200 ui-shared-96f863232c659e13fad47b29295c05e8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 70E2 280 KB
88 KB 21ms
11ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-96f863232c659e13fad47b29295c05e8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a1639f5665472e8f062923d3ff20b0de33a49fa33f0c7fdbd90d949b016ec240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 74710
x-cache: HIT
content-length: 89983
x-request-id: 49c245da-8b0b-4a39-bf81-8d6a041c98b2
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Tue, 11 Apr 2023 22:02:22 GMT
server: Fastly
etag: "994ef3f2da0e9f2312b3dfdc563c81ce"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2042

GET
H2 200 elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 70E2 50 KB
13 KB 24ms
23ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d6ca03fd3627bff282ed519cf48dd2fdd5a88d29ee2176d4de3bfb61be54c2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 438226
x-cache: HIT
content-length: 13588
x-request-id: 068a38d6-dd45-480d-a2c6-7c0650d8f372
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 07 Apr 2023 17:03:19 GMT
server: Fastly
etag: "9c8911dcca80e60a94b3a9f397685e7d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7547

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame 70E2 19 KB
3 KB 18ms
9ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 1734331
x-cache: HIT
content-length: 3195
x-request-id: e609eb7c-a812-4901-b768-92b69443033e
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 36088

GET
H2 200 elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css
js.stripe.com/v3/fingerprinted/css/ Frame 70E2 10 KB
2 KB 25ms
15ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 438226
x-cache: HIT
content-length: 1614
x-request-id: 5893138f-8b7b-4ad4-9ad0-203589dd450a
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 07 Apr 2023 17:03:11 GMT
server: Fastly
etag: "26f037181250b55faed2d329facbb2fb"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7419

POST csp-report
q.stripe.com/ Frame F542 0
0

GET
H2 200 shared-8f0efe81f6283029ec47a17eef507ceb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F542 404 KB
97 KB 33ms
27ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a958b3f616d681c715832cae2452bdf2c48b11d68c93f21ca7c513f1289b557a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 6069
x-cache: HIT
content-length: 99230
x-request-id: 16272f6b-a6bd-4893-bc47-a1aba7362307
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 12 Apr 2023 17:06:52 GMT
server: Fastly
etag: "8b8b4f9d8ae838147627b04117051f4c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 565

GET
H2 200 ui-shared-96f863232c659e13fad47b29295c05e8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F542 280 KB
88 KB 33ms
27ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-96f863232c659e13fad47b29295c05e8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a1639f5665472e8f062923d3ff20b0de33a49fa33f0c7fdbd90d949b016ec240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 74710
x-cache: HIT
content-length: 89983
x-request-id: dec3f223-d22d-40ed-8e6f-6dd5d490fc50
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Tue, 11 Apr 2023 22:02:22 GMT
server: Fastly
etag: "994ef3f2da0e9f2312b3dfdc563c81ce"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2043

GET
H2 200 elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F542 50 KB
13 KB 25ms
25ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-7229f0fd7bf6c5d27f4c686b0fac1d22.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d6ca03fd3627bff282ed519cf48dd2fdd5a88d29ee2176d4de3bfb61be54c2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 438226
x-cache: HIT
content-length: 13588
x-request-id: 1df1f8ae-dec1-4b53-9f45-cdb37f2c2a16
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 07 Apr 2023 17:03:19 GMT
server: Fastly
etag: "9c8911dcca80e60a94b3a9f397685e7d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7548

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame F542 19 KB
3 KB 38ms
33ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 1734331
x-cache: HIT
content-length: 3195
x-request-id: 25789b6f-31d6-4873-b864-edea3f3d1ce0
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 36089

GET
H2 200 elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css
js.stripe.com/v3/fingerprinted/css/ Frame F542 10 KB
2 KB 32ms
26ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 438226
x-cache: HIT
content-length: 1614
x-request-id: 3524577f-a213-434e-b961-3e9fd7d9d923
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 07 Apr 2023 17:03:11 GMT
server: Fastly
etag: "26f037181250b55faed2d329facbb2fb"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7420

POST csp-report
q.stripe.com/ Frame BC39 0
0

GET
H2 200 shared-8f0efe81f6283029ec47a17eef507ceb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BC39 404 KB
97 KB 13ms
12ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a958b3f616d681c715832cae2452bdf2c48b11d68c93f21ca7c513f1289b557a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 6069
x-cache: HIT
content-length: 99230
x-request-id: 7644e8fd-ac53-4f05-a0f2-edb13433a08e
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 12 Apr 2023 17:06:52 GMT
server: Fastly
etag: "8b8b4f9d8ae838147627b04117051f4c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 566

GET
H2 200 ui-shared-96f863232c659e13fad47b29295c05e8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BC39 280 KB
88 KB 13ms
12ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-96f863232c659e13fad47b29295c05e8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a1639f5665472e8f062923d3ff20b0de33a49fa33f0c7fdbd90d949b016ec240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 74710
x-cache: HIT
content-length: 89983
x-request-id: 2a0f8dc9-d902-4d13-afb6-2c2f8c0a994f
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Tue, 11 Apr 2023 22:02:22 GMT
server: Fastly
etag: "994ef3f2da0e9f2312b3dfdc563c81ce"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2044

GET
H2 200 elements-inner-iban-90c7bf9b368fa086758876b4b513a0eb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BC39 19 KB
8 KB 17ms
6ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-iban-90c7bf9b368fa086758876b4b513a0eb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f8b48f24405eb1070d1bb82aa62d586b1e3561ddeb25aabc862824fec1f2eed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 1043013
x-cache: HIT
content-length: 7583
x-request-id: 5b53fafb-fd33-431b-976b-ef76dcfe2167
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 31 Mar 2023 17:02:33 GMT
server: Fastly
etag: "cc65666da6f56a0e066c82380d666a13"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame BC39 19 KB
3 KB 12ms
11ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 1734331
x-cache: HIT
content-length: 3195
x-request-id: 734213e6-ecb2-4921-b6ae-132bf4f57f25
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 36090

GET
H2 200 elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css
js.stripe.com/v3/fingerprinted/css/ Frame BC39 485 B
441 B 12ms
11ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 1333506
x-cache: HIT
content-length: 226
x-request-id: 75ac6585-3c31-462d-8054-4d3aaf019f15
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Mon, 27 Mar 2023 20:02:42 GMT
server: Fastly
etag: "f6ff2b5ca153d43c332b4e54c118e3d0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

POST csp-report
q.stripe.com/ Frame 079D 0
0

GET
H2 200 shared-8f0efe81f6283029ec47a17eef507ceb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 079D 404 KB
97 KB 14ms
13ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a958b3f616d681c715832cae2452bdf2c48b11d68c93f21ca7c513f1289b557a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 6069
x-cache: HIT
content-length: 99230
x-request-id: 7b54bef6-9ae2-4038-83c5-31c5007663d3
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 12 Apr 2023 17:06:52 GMT
server: Fastly
etag: "8b8b4f9d8ae838147627b04117051f4c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 567

GET
H2 200 ui-shared-96f863232c659e13fad47b29295c05e8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 079D 280 KB
88 KB 16ms
15ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-96f863232c659e13fad47b29295c05e8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a1639f5665472e8f062923d3ff20b0de33a49fa33f0c7fdbd90d949b016ec240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 74710
x-cache: HIT
content-length: 89983
x-request-id: 246319e1-5964-4459-93a0-58bd25a66058
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Tue, 11 Apr 2023 22:02:22 GMT
server: Fastly
etag: "994ef3f2da0e9f2312b3dfdc563c81ce"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2045

GET
H2 200 elements-inner-au-bank-account-a551416ee7ad115d92fed4ae96518c96.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 079D 18 KB
6 KB 17ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-au-bank-account-a551416ee7ad115d92fed4ae96518c96.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

40bee9119cd400346a475af2925e1aaed3138ad5b3891263bfe00d80ea8ab290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 1042642
x-cache: HIT
content-length: 6320
x-request-id: 01bf3545-47f1-401b-bdc0-f6cd7e59678e
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 31 Mar 2023 17:02:33 GMT
server: Fastly
etag: "5fb5fb4334595c7cc8c69c69c1163723"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame 079D 19 KB
3 KB 16ms
15ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 1734331
x-cache: HIT
content-length: 3195
x-request-id: 02d3ac66-2278-4cc4-bac6-a877c6d14f54
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 36091

GET
H2 200 elements-inner-au-bank-account-57fba3d32760450908b133bd3a67dfe9.css
js.stripe.com/v3/fingerprinted/css/ Frame 079D 803 B
531 B 25ms
25ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-au-bank-account-57fba3d32760450908b133bd3a67dfe9.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b3317edb36ae2953f386b91e2dd78698347bcfe17cfb655a27e150763f7905b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 741943
x-cache: HIT
content-length: 314
x-request-id: 53452f85-b394-406c-af96-ac2a29a7924e
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Mon, 03 Apr 2023 20:02:06 GMT
server: Fastly
etag: "df8aa0b0d19ae07d20c3a5f512eac71d"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H3 200 token Show response
api.fundraiseup.com/paymentSession/1355836622519307546/googlePay/ 228 B
793 B 149ms
146ms XHR
text/plain 172.67.72.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/paymentSession/1355836622519307546/googlePay/token?merchantOrigin=bgca.org

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/6873.680371e07b176774d33d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11af59d98c80819d17ceea3d816cbe145346e11cf556059e1a1d0f405c839603

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
content-security-policy: frame-ancestors 'self' fundraiseup.com
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-response-time: 34ms
pragma: no-cache
server: cloudflare
vary: Origin
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://bgca.org
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s79hdTVDUEqcRZUv7omdQlFpvsotl8Z4VNk3ZDBqzXamCxaKyY8TPv23BE01OAzGRgKVRGKPl6P5ICBEhjedkSD45il5FElCN4Vt8r%2Fs7qNQDQc%2FLFuNACFXcN3dULytLmeSOBI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7b6da6779b373606-FRA
expires: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame AC33 156 B
670 B 525ms
174ms XHR
application/json 35.167.148.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.167.148.162 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-167-148-162.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

476f8b050c658771089a8967032440278babf3d669a6e9b7047343610c1725fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 12 Apr 2023 18:49:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1681325377665819
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 6
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1681325377665563
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame CE81 54 KB
17 KB 16ms
15ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48B6) /

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bgca.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Wed, 12 Apr 2023 18:49:37 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-d994"
expires: Wed, 12 Apr 2023 19:49:37 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 6ab38a7c0e819
server: ECAcc (ama/48B6)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000006ab38a7c0e819-629449c6f6aca428-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:00:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2919
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 12 Apr 2023 19:00:58 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=218489151916488&ev=InitiateCheckout&dl=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&rl=&if=false&ts=1681325377269&cd[content_name]=IDM%20Email%20Donor%20Form&cd[content_ids]=%5B%22FUNBGVFHEUH%22%2C%22EmailDonor%22%5D&cd[content_type]=product&sw=1600&sh=1200&v=2.9.101&r=stable&ec=2&o=30&fbp=fb.1.1681325376224.1237103573&it=1681325376124&coo=false&eid=event.1681325377268.8986041&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Apr 2023 18:49:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 20ms
20ms Stylesheet
text/css 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637467659257774831
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/85046614-f79e-4135-aa46-f10361434581/user.js?cb=638164950787936148
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Apr 2023 18:49:37 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 267563
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 3f0e7b82-001e-002b-532b-656c88000000
cache-control: public, max-age=2678400
x-ms-version: 2009-09-19
cf-ray: 7b6da67819272c35-FRA
expires: Sat, 13 May 2023 18:49:37 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/43027/bgca.org/jsonp/ 627 B
1 KB 439ms
155ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/43027/bgca.org/jsonp/z?cb=1681325377300&callback=jQuery171009935350509250851_1681325377286&_=1681325377301
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/85046614-f79e-4135-aa46-f10361434581/user.js?cb=638164950787936148
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8e8057b68ce3dc12bf5abcaa36a9d9ed9bcc2dea8faf5957d5ec60368d97bf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:37 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
258 B 19ms
19ms Image
image/gif 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1681325377292&h=bgca.org&e=p&u=43027
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Apr 2023 18:49:37 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 2331871
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: ca951551-701e-0060-4b38-2c5d12000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7b6da678293f2c35-FRA

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 9CA9 474 B
374 B 7ms
7ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e2ac51b2f54f5d47da9da461a38233c15951ad4533ca10b40d7afe9e8139714e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-4e4663227a7434a38009e2b0047bf2ee.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 20
x-cache: HIT
content-length: 297
x-request-id: 9cb219d9-422e-42ff-a359-116778c5093f
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Wed, 12 Apr 2023 17:46:36 GMT
server: Fastly
etag: "6e264cdc1c4cca33b824eaa022c61039"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame D421 474 B
371 B 10ms
9ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e2ac51b2f54f5d47da9da461a38233c15951ad4533ca10b40d7afe9e8139714e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 20
x-cache: HIT
content-length: 297
x-request-id: 5b39469f-5516-42f2-aa35-430fc913d606
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Wed, 12 Apr 2023 17:46:36 GMT
server: Fastly
etag: "6e264cdc1c4cca33b824eaa022c61039"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 70E2 474 B
371 B 7ms
7ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e2ac51b2f54f5d47da9da461a38233c15951ad4533ca10b40d7afe9e8139714e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 20
x-cache: HIT
content-length: 297
x-request-id: 8a224ca8-9db1-4c90-8226-25b2881ea4b4
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Wed, 12 Apr 2023 17:46:36 GMT
server: Fastly
etag: "6e264cdc1c4cca33b824eaa022c61039"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame F542 474 B
371 B 10ms
10ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e2ac51b2f54f5d47da9da461a38233c15951ad4533ca10b40d7afe9e8139714e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-24c32716f89ed77fa00114384ac77591.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 20
x-cache: HIT
content-length: 297
x-request-id: 4fea645d-2fdd-465f-9702-32219393e8fe
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Wed, 12 Apr 2023 17:46:36 GMT
server: Fastly
etag: "6e264cdc1c4cca33b824eaa022c61039"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame BC39 474 B
371 B 8ms
7ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e2ac51b2f54f5d47da9da461a38233c15951ad4533ca10b40d7afe9e8139714e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-iban-5df8dcf92c7a7c32278d95fa60acbfeb.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 20
x-cache: HIT
content-length: 297
x-request-id: 1d8002a6-f595-4529-b1d5-e11208625a1b
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Wed, 12 Apr 2023 17:46:36 GMT
server: Fastly
etag: "6e264cdc1c4cca33b824eaa022c61039"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 079D 474 B
370 B 7ms
7ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e2ac51b2f54f5d47da9da461a38233c15951ad4533ca10b40d7afe9e8139714e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 20
x-cache: HIT
content-length: 297
x-request-id: 3cd841db-48d1-4e7c-929d-e00ce51e502a
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Wed, 12 Apr 2023 17:46:36 GMT
server: Fastly
etag: "6e264cdc1c4cca33b824eaa022c61039"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

GET
H2 200 banks-a7d997c53ff554cc3ec0247e0c61fa42.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 079D 4 KB
2 KB 10ms
9ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/banks-a7d997c53ff554cc3ec0247e0c61fa42.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4a9508d1b930239dc0fa249afc784febd3ba9b3506f8e258585a87e7de05a6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6158a5c474b4220ed871f45fa5aa1edc.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 varnish
age: 1854106
x-cache: HIT
content-length: 1459
x-request-id: 80eb5e5c-6b93-4e18-b645-26765e9c13aa
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Tue, 21 Mar 2023 20:10:30 GMT
server: Fastly
etag: "a7d997c53ff554cc3ec0247e0c61fa42"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 39C0 0
239 B 107ms
8ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=28076436-fd41-4d00-87b1-223d3c27a023&expires=28
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 39C0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=KAdkNv1BTQCHsSI9PCegIw
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEMgq3j1FvgZ6b_18Pv1XfFU&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=KAdkNv1BTQCHsSI9PCegIw

170 B
243 B

18ms
17ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=KAdkNv1BTQCHsSI9PCegIw

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 12 Apr 2023 18:49:38 GMT
Server: MT3 776 936c8db master hkg-pixel-x23 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=KAdkNv1BTQCHsSI9PCegIw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 12 Apr 2023 18:49:37 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1698163909&t=pageview&_s=2&dl=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&dp=%2Fways-to-give%2F%23FUNBGVFHEUH%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&ul=en-us&de=UTF-8&dt=Ways%20To%20Give&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAiAIJRAAAAEAM~&jid=&gjid=&cid=1331364226.1681325376&tid=UA-3761046-2&_gid=661438469.1681325376&gtm=45He34a0n71KH58QX&z=679526853

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2665
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1698163909&t=event&_s=3&dl=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&dp=%2Fways-to-give%2F%23FUNBGVFHEUH%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&ul=en-us&de=UTF-8&dt=Ways%20To%20Give&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Fundraise%20Up%20Checkout%20Events&ea=Fundraise%20Up%20Checkout%20Open&el=IDM%20Email%20Donor%20Form%20(FUNBGVFHEUH)&_u=aDDAiAIJRAAAAEAM~&jid=&gjid=&cid=1331364226.1681325376&tid=UA-3761046-2&_gid=661438469.1681325376&gtm=45He34a0n71KH58QX&z=173415336

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2665
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 remediation_1680789796996.js Show response
cdn.userway.org/widgetapp/2023-04-06/remediation/ 156 KB
42 KB 17ms
17ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-04-06/remediation/remediation_1680789796996.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-04-06/widget_app_base_1680789796996.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: aff2c5d0d2c07a0eb018fb08af529b7de87f328fb1c7882dda21dfac8a2ebd7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 c179ca8f9ebae77e3e88259990d0a4e0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BUD50-C1
age: 12
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 535155
x-77-nzt: AcO1rgUiNTL/cyoIAA
x-accel-expires: @1706710222
last-modified: Thu, 06 Apr 2023 14:06:55 GMT
server: CDN77-Turbo
etag: W/"df08f00583dc984c3044c24567830fad"
x-77-nzt-ray: 25b02131b1fabd0141fd366467aa0a1e
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: H0kPDnt4KLLJAzps9ZyZ-mdC1bGQoFjh2ndQaZNuJnp6DroONs3udw==

GET
H2 200 jrhZ1mhJpYW9T5hw.json Show response
cdn.userway.org/remediations/consolidated/2485765/ 230 KB
34 KB 1043ms
1042ms XHR
application/json 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2485765/jrhZ1mhJpYW9T5hw.json
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/6873.680371e07b176774d33d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 970e06df6852bb17ec95558e6c5dc67f86ccd923a2278904e04f5303f148fc79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 12 Apr 2023 18:49:38 GMT
via: 1.1 a2a926ace399371954fc9fbb55fd02aa.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BUD50-C1
x-amz-server-side-encryption: AES256
x-cache: MISS
x-77-cache: MISS
x-77-nzt: AcO1rgU71grB
x-accel-expires: @1712861378
last-modified: Wed, 12 Apr 2023 18:17:06 GMT
server: CDN77-Turbo
etag: W/"b6773f2cf9bc4e495aef7f324e0449d0"
x-77-nzt-ray: 25b021315ef2a61e41fd366426e5091e
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: jAJMlco1RKlqGTa9ee4Yf_Er9C8t-xUC2xmq7aUg-Hasxf04YC70AA==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 14ms
13ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 aa89236c3ef628703c4b8322e4ce6d96.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MXP64-C2
age: 75728
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 2870312
x-77-nzt: AcO1rgWVOxj/KMwrAA
x-accel-expires: @1704375065
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray: 25b02131b1fabd0141fd36642636541f
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: eJxc4z8d1fWYRYPCBiwPT3wZD3gt2viTdXgwppzRB29cORPA7Dcttw==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 12 Apr 2023 18:49:37 GMT
via: 1.1 41ef3b5e61707f8600cd12eaad85b048.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MXP64-C2
age: 75728
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 2870312
x-77-nzt: AcO1rgW/5y3/KMwrAA
x-accel-expires: @1704375065
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 25b02131b1fabd0141fd3664974a591f
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: 9Kp7GY9xz50aUaljC_wYkDaWBVQoKVcW2PH0QtEr62_WEog8EQQtWg==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 115 KB
35 KB 106ms
66ms Script
application/javascript 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

daab4a16cf14de6fa4654845903efaf7767f3fc113d73ea3d15b7f6d875c1131

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-Y8obXWGJHTU042LDwCri7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-Y8obXWGJHTU042LDwCri7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 12 Apr 2023 18:49:37 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 168ms
168ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377617605
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377617270
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 166ms
166ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377617863
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377617527
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 170ms
170ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377618795
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377617918
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 168ms
168ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377618797
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377618273
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 169ms
169ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377618984
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377618604
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 172ms
172ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377619717
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377619035
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 175ms
174ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377620244
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377619502
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 174ms
173ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377620480
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377619944
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 171ms
171ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377620498
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377620203
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 176ms
175ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377620596
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1681325377620675
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 176ms
176ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377622192
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377621304
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 176ms
175ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377622583
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377621949
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 176ms
175ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377622586
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377621999
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 175ms
174ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377622554
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377622386
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 176ms
175ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377622919
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377622391
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 175ms
175ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377623533
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377623001
access-control-allow-credentials: true
content-length: 0

GET
H2 200 ts
t.paypal.com/ Frame 429F 42 B
448 B 173ms
173ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A5K24XTFT6SEE8-1&page=muse%3Aoffer%3A%3A%3A5K24XTFT6SEE8-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=f4ccbc63-2c08-4aa8-ad13-4f725883e449&es=visitorInfoFlowStarted&mrid=5K24XTFT6SEE8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1681325377539&g=0&completeurl=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/3594) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/3594)
traceparent: 00-000000000000000000005bbad5732737-e36573fa77ce2b7c-01
content-type: image/gif
paypal-debug-id: 5bbad5732737
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Wed, 12 Apr 2023 18:49:37 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 318ms
318ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377780353
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1681325377780081
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 319ms
319ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377780700
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377780154
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 316ms
315ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377780691
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377780231
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 311ms
310ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377780640
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377780365
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 324ms
324ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377780829
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1681325377780350
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 313ms
313ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377780817
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377780502
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 321ms
321ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377780909
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377780427
access-control-allow-credentials: true
content-length: 0

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame CE81 435 B
2 KB 242ms
241ms Fetch
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5148dcc73f4c450e448a98a3ae7a68d830b0c4e455b4cdfafaf12e384dbb39a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-ipgYlY/fNRDjsTMPuWLpaj9hitEvPIrywfLTIVNj/ypzQCFh' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-ipgYlY/fNRDjsTMPuWLpaj9hitEvPIrywfLTIVNj/ypzQCFh' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Wed, 12 Apr 2023 18:49:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f114691cd24a0
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220059-HHN, cache-fra-eddf8230071-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f114691cd24a0-025560c54c25fed6-01
x-timer: S1681325378.777153,VS0,VE234
etag: W/"1b3-PjZAYHWYnvl0Rmx3Ck5wK6XpSpQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 213ms
213ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 12 Apr 2023 18:49:37 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f11469184845d
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f11469184845d-8554d5a9a0953967-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-hhn-etou8220036-HHN, cache-fra-eddf8230082-FRA
x-timer: S1681325378.562570,VS0,VE165

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 301ms
301ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377780855
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377780572
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 305ms
305ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377780875
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1681325377780559
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 296ms
296ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377780862
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377780585
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 296ms
296ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377780554
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377780612
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 300ms
300ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377781148
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377780832
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 300ms
300ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377781163
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377780878
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 296ms
296ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377781297
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377780961
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 293ms
292ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377781330
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1681325377781090
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9CA9 0
273 B 302ms
302ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:37 GMT
x-stripe-server-envoy-start-time-us: 1681325377781190
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1681325377781007
access-control-allow-credentials: true
content-length: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 7CAB 18 KB
8 KB 202ms
202ms Document
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbgca.org&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7dc18724f7a94bfed732bcbbb074186d78593b9094207f2f8a65a3ffd2524c33

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-jJa6crFU7VKOVBn4iwZrXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bgca.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-jJa6crFU7VKOVBn4iwZrXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
date: Wed, 12 Apr 2023 18:49:37 GMT
expires: Wed, 12 Apr 2023 18:49:37 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H3 200 tb
fndrsp.net/ 2 B
486 B 151ms
151ms Ping
text/plain 172.64.129.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ALGMTNTC

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.129.3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 18:49:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfSNbKJot1WHo7zV0HLeV5Uqb9qIy3OEtQorepgDtsh2vxo9HETBBGq%2BrtecHdKJO4b2L5X2%2BfF2Bop2789klJv7HYdQZkD8aaycxww2ezAGYe1FGvIQG5QWd5tE"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bgca.org
access-control-allow-credentials: true
cf-ray: 7b6da67c1c8a91db-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 tb
fndrsp-checkout.net/ 2 B
509 B 360ms
333ms Ping
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp-checkout.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/ALGMTNTC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 18:49:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ks0UWpd7tQoVh%2FLSye%2FruUDuu0kWRb7Ux1i9ZcaEN8a0BqgzWxZUMNnpFHppZwWrh0qbP%2FVxIgYSNgVaqGFSb1st95QFpxoZCN0Pz3m9L4Czo9HAC1a3RwzmKZLwsGI6Dxevx8UQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://bgca.org
access-control-allow-credentials: true
cf-ray: 7b6da67c4b7591ed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 7CAB 2 KB
2 KB 119ms
119ms Other
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: bgca.org
URL: https://bgca.org/ways-to-give?form=EmailDonor&amount=100&firstName=Lorraine&lastName=Dawkins&email=lorraine.dawkins@ros.com&utm_source=idm_20230412_don&utm_campaign=idm_5kclub&utm_medium=email&utm_content=donate-header
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbgca.org&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 12 Apr 2023 18:49:38 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hUT7fFH-cOk.es5.O/am=wPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMit... Frame 7CAB 158 KB
56 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hUT7fFH-cOk.es5.O/am=wPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriUTbd5vzdyq9ojw39TYQ2H6iegzQ/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fbgca.org&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e37be60b6f45068c6a8d7ede2ee32af071513677a5591fa1424603294d7187d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57042
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 04:26:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 16:19:20 GMT

GET
H2 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hUT7fFH-cOk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gju... Frame 7CAB 70 KB
26 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hUT7fFH-cOk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gjupQ2KWQ-A.L.B1.O/am=wPEAIA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfri-nLVLhWmNvWlscI3cXM6x_F6S3g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hUT7fFH-cOk.es5.O/am=wPEAIA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriUTbd5vzdyq9ojw39TYQ2H6iegzQ/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f88ca502131bda284172174db34ddf1cb50f309e9aaf6eac29d2e1b8e0f8e29f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26126
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 20:28:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 16:30:26 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 7CAB 1 MB
387 KB 73ms
73ms XHR
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee00d52d82e3c533665ba6d987f703609403212bb3ea1ec4a1c7e5adeee943fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zQtpGq5it6UtEl-ltH2Glg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:38 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zQtpGq5it6UtEl-ltH2Glg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 12 Apr 2023 18:49:38 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hUT7fFH-cOk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gju... Frame 7CAB 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hUT7fFH-cOk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gjupQ2KWQ-A.L.B1.O/am=wPEAIA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfri-nLVLhWmNvWlscI3cXM6x_F6S3g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08464564f3826ec55e511bdeaeac88f72c9e6e9f6765c803f6f3e5925d527388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9366
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 20:28:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 16:30:27 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hUT7fFH-cOk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gju... Frame 7CAB 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hUT7fFH-cOk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gjupQ2KWQ-A.L.B1.O/am=wPEAIA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfri-nLVLhWmNvWlscI3cXM6x_F6S3g/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5456b81e8b054a26bf37738ea95f8474e0d1602d13b9272bd2827327b8cf8b38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13539
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 20:28:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 16:30:27 GMT

POST
H3 200 log Show response
play.google.com/ Frame 7CAB 131 B
155 B 33ms
17ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 18:49:38 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 18:49:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 36ms
13ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 12 Apr 2023 18:49:38 GMT
expires: Wed, 12 Apr 2023 18:49:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 7CAB 131 B
155 B 33ms
18ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 18:49:38 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 18:49:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 34ms
14ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 12 Apr 2023 18:49:38 GMT
expires: Wed, 12 Apr 2023 18:49:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 7CAB 131 B
155 B 34ms
19ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 18:49:38 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 18:49:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 34ms
14ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 12 Apr 2023 18:49:38 GMT
expires: Wed, 12 Apr 2023 18:49:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 7CAB 131 B
155 B 65ms
51ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 18:49:38 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 18:49:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 32ms
15ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 12 Apr 2023 18:49:38 GMT
expires: Wed, 12 Apr 2023 18:49:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 7CAB 131 B
155 B 31ms
16ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 18:49:38 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 18:49:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 29ms
15ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 12 Apr 2023 18:49:38 GMT
expires: Wed, 12 Apr 2023 18:49:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 7CAB 131 B
155 B 29ms
16ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 18:49:38 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 18:49:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 27ms
15ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 12 Apr 2023 18:49:38 GMT
expires: Wed, 12 Apr 2023 18:49:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 links
api.userway.org/api/br-links/v0/ Frame 0
0 166ms
166ms Preflight 52.32.105.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.32.105.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-105-92.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bgca.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
date: Wed, 12 Apr 2023 18:49:38 GMT
x-service-version: apps-afedf709

POST
H2 200 links Show response
api.userway.org/api/br-links/v0/ 160 B
501 B 169ms
169ms XHR
application/json 52.32.105.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/6873.680371e07b176774d33d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.32.105.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-105-92.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: cf48a5a4150d028998dcaa89f11931daa791195b12a13470fa361399f57eb0d4

Request headers

Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Apr 2023 18:49:39 GMT
etag: W/"a0-1lH8PMFHgH4CQ6+MhJbEjT39hnY"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 160
x-service-version: apps-afedf709

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 23DD 200 B
883 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bgca.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8537832
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 18:49:39 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 570210
x-content-type-options: nosniff
x-request-id: 22e05e56-b8fa-499f-b3cb-3496a5122f80
x-served-by: cache-fra-eddf8230111-FRA

GET
H2 200 nav_menu_helper1680789796996.js Show response
cdn.userway.org/widgetapp/2023-04-06/remediation/ 22 KB
6 KB 15ms
14ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-04-06/remediation/nav_menu_helper1680789796996.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-04-06/widget_app_base_1680789796996.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fedc9a5ed3d075f3a8a120ea6a4c67c0d605a864db0b91c808a4d66e3ab19a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 12 Apr 2023 18:49:39 GMT
via: 1.1 7a4584fd3c2a27bbe552d92ba541848a.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BUD50-C1
age: 13
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 535155
x-77-nzt: AcO1rgVS7yz/cyoIAA
x-accel-expires: @1706710224
last-modified: Thu, 06 Apr 2023 14:06:55 GMT
server: CDN77-Turbo
etag: W/"8ad50e8de84df6abb8cb9fc3765b5ba6"
x-77-nzt-ray: 25b02131b1fabd0143fd36642f3e0806
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: JzJWVZS52_C1R0fc2Vg5JrFgN5jQmvyfg3rgOKTg5lgCXzRJmhH3pA==

POST
H2 200 0 Show response
r.stripe.com/ Frame 9A16 0
273 B 170ms
170ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8f0efe81f6283029ec47a17eef507ceb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Apr 2023 18:49:39 GMT
x-stripe-server-envoy-start-time-us: 1681325379185846
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1681325379185271
access-control-allow-credentials: true
content-length: 0

POST csp-report
q.stripe.com/ Frame 23DD 0
0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 23DD 631 B
504 B 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:39 GMT
via: 1.1 varnish
age: 12955489
x-cache: HIT
content-length: 332
x-request-id: 10a501c6-f688-4e70-885e-e36349b200a3
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 486799

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 9300 930 B
1 KB 8ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 134
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 18:49:39 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 121
x-content-type-options: nosniff
x-request-id: 33b486c3-bacc-47b5-bf3c-58bbd95d1e8b
x-served-by: cache-fra-eddf8230111-FRA
x-timer: S1681325379.126803,VS0,VE0

GET
H2 200 6228264269771556 Show response
api.userway.org/api/remediation/moderation/by-page/2485765/ 40 B
437 B 229ms
228ms XHR
application/json 52.32.105.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/remediation/moderation/by-page/2485765/6228264269771556
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/6873.680371e07b176774d33d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.32.105.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-105-92.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ff3dea72b50d325069410d9803d21d6c5fd550fbdeef6e9aef8e24de44c01167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:39 GMT
etag: W/"28-1sg/UPziPAQd7Usr8fJS7L6DUZY"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr41c0872a59da47e
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 40
x-service-version: uw-pr

POST csp-report
q.stripe.com/ Frame 9300 0
0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 9300 86 KB
16 KB 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 12 Apr 2023 18:49:39 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 274
x-cache: HIT
content-length: 16031
x-request-id: b26244a6-8b4e-4a6a-9446-c23d078ee1e9
x-served-by: cache-fra-eddf8230111-FRA
server: Fastly
x-timer: S1681325379.167109,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 221

POST
H2 200 6 Show response
m.stripe.com/ Frame 9300 156 B
669 B 171ms
171ms XHR
application/json 35.167.148.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.167.148.162 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-167-148-162.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

07c75ddac48f48c04ee0233c3f16f3e25b247e6f9f3e8c6a7810fcd462b51e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 12 Apr 2023 18:49:39 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1681325379275890
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1681325379275259
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H/1.1

200
OK

img
sync.mathtag.com/sync/ Frame 39C0
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fmt_exid%3D13%26mt_mminit%3D1%26mt_exuid%3D%24UID
https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=9182310181545180246

43 B
440 B

211ms
211ms

Image
image/gif

103.229.206.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=9182310181545180246
Protocol: HTTP/1.1
Server: 103.229.206.241 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 776 936c8db master hkg-pixel-x8 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:39 GMT
Server: MT3 776 936c8db master hkg-pixel-x8 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Wed, 12 Apr 2023 18:49:38 GMT

Redirect headers

Date: Wed, 12 Apr 2023 18:49:39 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 67bae4b3-c72b-4f6d-9586-519e1cc9a9fc
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=9182310181545180246
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 39C0 42 B
555 B 248ms
14ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA=&piggybackCookie=uid:28076436-fd41-4d00-87b1-223d3c27a023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 12 Apr 2023 18:49:38 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 39C0 43 B
273 B 40ms
17ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=28076436-fd41-4d00-87b1-223d3c27a023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:39 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 39C0
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=5&external_user_id=28076436-fd41-4d00-87b1-223d3c27a023
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=28076436-fd41-4d00-87b1-223d3c27a023

43 B
441 B

31ms
31ms

Image
image/gif

54.78.84.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=28076436-fd41-4d00-87b1-223d3c27a023
Protocol: H2
Server: 54.78.84.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-84-139.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 Apr 2023 18:49:39 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=5&external_user_id=28076436-fd41-4d00-87b1-223d3c27a023
access-control-allow-origin: *
date: Wed, 12 Apr 2023 18:49:39 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 39C0
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=28076436-fd41-4d00-87b1-223d3c27a023
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=28076436-fd41-4d00-87b1-223d3c27a023&C=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=28076436-fd41-4d00-87b1-223d3c27a023&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 18:49:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 18:49:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=3&external_user_id=28076436-fd41-4d00-87b1-223d3c27a023&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55938/ Frame 39C0
Redirect Chain

https://ups.analytics.yahoo.com/ups/55938/sync?uid=28076436-fd41-4d00-87b1-223d3c27a023&_origin=1
https://ups.analytics.yahoo.com/ups/55938/sync?uid=28076436-fd41-4d00-87b1-223d3c27a023&_origin=1&verify=true

0
121 B

9ms
9ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55938/sync?uid=28076436-fd41-4d00-87b1-223d3c27a023&_origin=1&verify=true

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55938/sync?uid=28076436-fd41-4d00-87b1-223d3c27a023&_origin=1&verify=true
date: Wed, 12 Apr 2023 18:49:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 4448
stags.bluekai.com/site/ Frame 39C0 62 B
459 B 392ms
161ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/4448?id=28076436-fd41-4d00-87b1-223d3c27a023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 12 Apr 2023 18:49:39 GMT
content-length: 62
content-type: image/gif

GET
H2

200

pixel
cm.adform.net/ Frame 39C0
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=80&user_id=28076436-fd41-4d00-87b1-223d3c27a023&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=28076436-fd41-4d00-87b1-223d3c27a023&expires=30
https://cm.adform.net/pixel?adform_pid=3&adform_pc=981f0145-bd7c-4e4f-8dc7-8c7393e6a886&adform_v=1

43 B
163 B

101ms
23ms

Image
image/gif

37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=3&adform_pc=981f0145-bd7c-4e4f-8dc7-8c7393e6a886&adform_v=1
Protocol: H2
Server: 37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:39 GMT
last-modified: Fri, 18 Nov 2022 16:49:04 GMT
server: nginx
accept-ranges: bytes
etag: "6377b780-2b"
content-length: 43
content-type: image/gif

Redirect headers

location: //cm.adform.net/pixel?adform_pid=3&adform_pc=981f0145-bd7c-4e4f-8dc7-8c7393e6a886&adform_v=1
date: Wed, 12 Apr 2023 18:49:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 39C0 43 B
667 B 40ms
37ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=10:30&mt_cb=994798&mop_top=9:1681323486|4:1681323486|13:1681323486|3:1681323486|5:1681323486|276:1681323486|15:1681323486|21:1681323486|10010:1681323486|46:1681323486|
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 776 936c8db master zrh-pixel-x31 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=28076436-fd41-4d00-87b1-223d3c27a023&no_iframe=1&mt_adid=258122&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:39 GMT
Server: MT3 776 936c8db master zrh-pixel-x31 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 12 Apr 2023 18:49:38 GMT

GET
H2 451 361087.gif
idsync.rlcdn.com/ Frame 39C0 0
98 B 245ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/361087.gif?partner_uid=28076436-fd41-4d00-87b1-223d3c27a023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

img
pixel.mathtag.com/sync/ Frame 39C0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath_dmp&google_cm
https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEPQlDeV0rVbVXlc5L51s5uU&google_cver=1

43 B
416 B

37ms
37ms

Image
image/gif

2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEPQlDeV0rVbVXlc5L51s5uU&google_cver=1
Protocol: HTTP/1.1
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 776 936c8db master zrh-pixel-x28 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:39 GMT
Server: MT3 776 936c8db master zrh-pixel-x28 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 12 Apr 2023 18:49:38 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEPQlDeV0rVbVXlc5L51s5uU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 39C0
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=28076436-fd41-4d00-87b1-223d3c27a023
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=28076436-fd41-4d00-87b1-223d3c27a023

95 B
438 B

20ms
19ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=28076436-fd41-4d00-87b1-223d3c27a023

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:39 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Wed, 12 Apr 2023 18:49:39 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=28076436-fd41-4d00-87b1-223d3c27a023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ Frame 39C0 49 B
535 B 444ms
106ms Image
image/gif 69.166.1.12
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=28076436-fd41-4d00-87b1-223d3c27a023

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 18:49:39 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-184
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 39C0 43 B
699 B 95ms
35ms Image
image/gif 2.16.238.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=28076436-fd41-4d00-87b1-223d3c27a023&redirectId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-146.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 18:49:39 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1681325379722040-534
Expires: Wed, 12 Apr 2023 18:49:39 GMT

GET
H/1.1 204
No Content merge
ce.lijit.com/ Frame 39C0 0
311 B 73ms
16ms Image
text/plain 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=28076436-fd41-4d00-87b1-223d3c27a023
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Wed, 12 Apr 2023 18:49:39 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 39C0 43 B
114 B 80ms
24ms Image
image/gif 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=25&partneruserid=28076436-fd41-4d00-87b1-223d3c27a023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:39 GMT
content-type: image/gif

GET
H/1.1

200
OK

info
uip.semasio.net/userreport/1/ Frame 39C0
Redirect Chain

https://uip.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=28076436-fd41-4d00-87b1-223d3c27a023&sInitiator=external
https://uip.semasio.net/mediamath/1/info2?sType=sync&sExtCookieId=28076436-fd41-4d00-87b1-223d3c27a023&sInitiator=external
https://se.semasio.net/sync/1/14876172?sExtCookieId=28076436-fd41-4d00-87b1-223d3c27a023&sInitiator=external&gdpr=
https://track.adform.net/serving/cookie/match/?party=1008&gdpr=
https://track.adform.net/serving/cookie/match/?CC=1&party=1008&gdpr=
https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=859336912867273605&sInitiator=internal&gdpr=
https://se.semasio.net/sync/1/16266044?sExtCookieId=859336912867273605&gdpr=&sInitiator=internal
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=9182310181545180246&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NjUyNERFNEY3N0RBRDhERQ&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESENUotNt8ZbbjHBBPLB8lTw8&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESENUotNt8ZbbjHBBPLB8lTw8&sInitiator=internal&google_cver=1&gdpr=
https://redirect.userreport.com/cs/1/6524DE4F77DAD8DE
https://uip.semasio.net/userreport/1/info

42 B
603 B

35ms
34ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uip.semasio.net/userreport/1/info
Protocol: HTTP/1.1
Server: 77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:48 GMT
frontend-id: 6
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Date: Wed, 12 Apr 2023 18:49:41 GMT
Via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
X-Cache: Miss from cloudfront
Location: https://uip.semasio.net/userreport/1/info
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: QhNYzKSYT9a2XBrkpWol3LYVwXKBMTaxaptV_kqqcpGDJaIJMkhvsg==

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 39C0
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=6653&uid=28076436-fd41-4d00-87b1-223d3c27a023
https://sync.search.spotxchange.com/partner?adv_id=6653&uid=28076436-fd41-4d00-87b1-223d3c27a023&__user_check__=1&sync_id=c7a6c94f-d962-11ed-8cb9-155da6fd0106

43 B
548 B

40ms
39ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6653&uid=28076436-fd41-4d00-87b1-223d3c27a023&__user_check__=1&sync_id=c7a6c94f-d962-11ed-8cb9-155da6fd0106
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:39 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 96
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 12 Apr 2023 18:49:39 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6653&uid=28076436-fd41-4d00-87b1-223d3c27a023&__user_check__=1&sync_id=c7a6c94f-d962-11ed-8cb9-155da6fd0106
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 91
Connection: keep-alive
Content-Length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 39C0 95 B
384 B 66ms
30ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=28076436-fd41-4d00-87b1-223d3c27a023&env=mWeb&zpartnerid=979&zdid=979
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:39 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://pixel.mathtag.com
access-control-allow-credentials: true
cf-ray: 7b6da6878fc69948-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 39C0 43 B
822 B 39ms
38ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=20:30&mt_cb=846263&mop_top=9:1681323486|4:1681323486|13:1681323486|3:1681323486|5:1681323486|276:1681323486|15:1681323486|21:1681323486|10010:1681323486|46:1681323486|10017:1681323486|10074:1681323486|10072:1681323486|42:1681323486|44:1681323486|17:1681323486|39:1681323486|10041:1681323486|30:1681323486|10092:1681323486|
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 776 936c8db master zrh-pixel-x27 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=28076436-fd41-4d00-87b1-223d3c27a023&no_iframe=1&mt_adid=258122&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:39 GMT
Server: MT3 776 936c8db master zrh-pixel-x27 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 12 Apr 2023 18:49:38 GMT

GET
H2 204 /
loadm.exelator.com/load/ Frame 39C0 0
324 B 87ms
6ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=101&buid=28076436-fd41-4d00-87b1-223d3c27a023&j=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

tpui
ih.adscale.de/adscale-ih/ Frame 39C0
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=28076436-fd41-4d00-87b1-223d3c27a023
https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=28076436-fd41-4d00-87b1-223d3c27a023&nut&uu=f526829f89db41fe92855119cb9f3ae8

49 B
332 B

9ms
8ms

Image
image/gif

3.127.96.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=28076436-fd41-4d00-87b1-223d3c27a023&nut&uu=f526829f89db41fe92855119cb9f3ae8
Protocol: H2
Server: 3.127.96.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-96-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Wed, 12 Apr 2023 18:49:39 GMT
content-length: 49
content-type: image/gif

Redirect headers

location: https://ih.adscale.de/adscale-ih/tpui?tpid=39&tpuid=28076436-fd41-4d00-87b1-223d3c27a023&nut&uu=f526829f89db41fe92855119cb9f3ae8
date: Wed, 12 Apr 2023 18:49:39 GMT
content-length: 0

GET
H2

200

sync
ad.sxp.smartclip.net/ Frame 39C0
Redirect Chain

https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=28076436-fd41-4d00-87b1-223d3c27a023
https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=28076436-fd41-4d00-87b1-223d3c27a023&ang_testid=1

42 B
450 B

33ms
33ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=28076436-fd41-4d00-87b1-223d3c27a023&ang_testid=1
Protocol: H2
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:49:39 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Wed, 12 Apr 2023 18:49:39 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=40&dspuuid=28076436-fd41-4d00-87b1-223d3c27a023&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 usync
su.addthis.com/red/ Frame 39C0 0
95 B 346ms
148ms Image
text/plain 2.19.224.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://su.addthis.com/red/usync?pid=11112&puid=28076436-fd41-4d00-87b1-223d3c27a023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.224.115 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-224-115.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:40 GMT
cache-control: max-age=0, no-cache, no-store, no-transform

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 39C0
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=mediamath
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath

0
338 B

114ms
30ms

Image
text/plain

52.51.47.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath
Protocol: H2
Server: 52.51.47.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-47-150.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: beacon-n024-dub-prod.krxd.net
date: Wed, 12 Apr 2023 18:49:40 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1681325380
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=mediamath
date: Wed, 12 Apr 2023 18:49:40 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a006-ash-prod.krxd.net

GET
H/1.1

200
OK

37464
i6.liadm.com/s/ Frame 39C0
Redirect Chain

https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=28076436-fd41-4d00-87b1-223d3c27a023
https://i.liadm.com/s/37464?bidder_id=7156&bidder_uuid=28076436-fd41-4d00-87b1-223d3c27a023&_li_chk=true&previous_uuid=70fd50a8fb1d45dcaa17bee9f669a769
https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=28076436-fd41-4d00-87b1-223d3c27a023

43 B
548 B

435ms
104ms

Image
image/gif

2600:1f18:ed:550f:b16d:e001:514:e364
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=28076436-fd41-4d00-87b1-223d3c27a023

Protocol

HTTP/1.1

Server

2600:1f18:ed:550f:b16d:e001:514:e364 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:40 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/37464?bidder_id=7156&bidder_uuid=28076436-fd41-4d00-87b1-223d3c27a023
Date: Wed, 12 Apr 2023 18:49:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 39C0
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=28076436-fd41-4d00-87b1-223d3c27a023
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=28076436-fd41-4d00-87b1-223d3c27a023&ct=y

49 B
545 B

47ms
46ms

Image
image/gif

34.247.20.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=28076436-fd41-4d00-87b1-223d3c27a023&ct=y
Protocol: H2
Server: 34.247.20.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-20-4.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:39 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.216
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:39 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=28076436-fd41-4d00-87b1-223d3c27a023&ct=y
cache-control: no-cache
x-server: 10.45.14.211
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 39C0
Redirect Chain

https://dpm.demdex.net/ibs:dpid=269&dpuuid=28076436-fd41-4d00-87b1-223d3c27a023
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=28076436-fd41-4d00-87b1-223d3c27a023

42 B
942 B

43ms
43ms

Image
image/gif

52.50.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=28076436-fd41-4d00-87b1-223d3c27a023

Protocol

HTTP/1.1

Server

52.50.220.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-220-58.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v047-02030cf90.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 1RsnBbz7SME=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v047-0b25ee5a9.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Ir9h/rF2SHk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=28076436-fd41-4d00-87b1-223d3c27a023
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

/
pixel.mathtag.com/sync/img/ Frame 39C0
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132948&mt=28076436-fd41-4d00-87b1-223d3c27a023
https://d.agkn.com/pixel/10751/?che=1681325379897&ip=217.64.151.5&l1=https%3A%2F%2Fpixel.mathtag.com%2Fsync%2Fimg%2F%3Fmt_exid%3D10009%26mt_exuid%3D
https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=

43 B
415 B

67ms
67ms

Image
image/gif

2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=
Protocol: HTTP/1.1
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 776 936c8db master zrh-pixel-x3 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:40 GMT
Server: MT3 776 936c8db master zrh-pixel-x3 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 12 Apr 2023 18:49:39 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 18:49:39 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://pixel.mathtag.com/sync/img/?mt_exid=10009&mt_exuid=
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200 9.gif
id5-sync.com/s/3/ Frame 39C0 43 B
1 KB 29ms
7ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/3/9.gif?puid=28076436-fd41-4d00-87b1-223d3c27a023

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 12 Apr 2023 18:49:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 39C0 43 B
983 B 45ms
45ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=30:30&mt_cb=986018&check=28076436-fd41-4d00-87b1-223d3c27a023&mop_top=9:1681323486|4:1681323486|13:1681323486|3:1681323486|5:1681323486|276:1681323486|15:1681323486|21:1681323486|10010:1681323486|46:1681323486|10017:1681323486|10074:1681323486|10072:1681323486|42:1681323486|44:1681323486|17:1681323486|39:1681323486|10041:1681323486|30:1681323486|10092:1681323486|10008:1681323486|26:1681323486|50:1681323486|10025:1681323486|10031:1681323486|36:1681323486|10040:1681323486|10004:1681323486|10009:1681323486|10089:1681323486|
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 776 936c8db master zrh-pixel-x27 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=28076436-fd41-4d00-87b1-223d3c27a023&no_iframe=1&mt_adid=258122&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 18:49:39 GMT
Server: MT3 776 936c8db master zrh-pixel-x27 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 12 Apr 2023 18:49:38 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 19ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RZHZDDSPW0&gtm=45je34a0&_p=1698163909&cid=1331364226.1681325376&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&sid=1681325376&sct=1&seg=0&dl=https%3A%2F%2Fbgca.org%2Fways-to-give%3Fform%3DEmailDonor%26amount%3D100%26firstName%3DLorraine%26lastName%3DDawkins%26email%3Dlorraine.dawkins%40ros.com%26utm_source%3Didm_20230412_don%26utm_campaign%3Didm_5kclub%26utm_medium%3Demail%26utm_content%3Ddonate-header&dt=Ways%20To%20Give&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RZHZDDSPW0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bgca.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 18:49:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bgca.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 429F 295 B
430 B 10ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bgca.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:49:42 GMT
via: 1.1 varnish
age: 12955467
x-cache: HIT
content-length: 209
x-request-id: ae99bbfe-2002-437c-a402-cc12892ee52e
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 64574

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

97 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 11:45:17	Name: _li_ss Value: CgsKCQj_____BxDxFA
i6.liadm.com/s	1970-01-20 11:45:17	Name: _li_ss Value: CgA
bgca.org/	1969-12-31 23:59:59	Name: website#lang Value: en
bgca.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: dgs4zg0o1mmm3bnlhtut5cri
bgca.org/	1970-01-20 20:38:05	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 481449af738f4994ac3d61a020659d7c\|False
.bgca.org/	1969-12-31 23:59:59	Name: ARRAffinity Value: c35e3f4c92a2657a95e7d7be2863206baf84e003287cdaebb4b6dde49cac86c0
.bgca.org/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: c35e3f4c92a2657a95e7d7be2863206baf84e003287cdaebb4b6dde49cac86c0
.bgca.org/	1970-01-20 20:38:05	Name: fundraiseup_cid Value: 16813253758645357929
.bgca.org/	1970-01-20 13:11:41	Name: _gcl_au Value: 1.1.298457012.1681325376
.mathtag.com/	1970-01-20 20:28:00	Name: uuid Value: 28076436-fd41-4d00-87b1-223d3c27a023
bgca.org/	1970-01-20 11:03:31	Name: ln_or Value: eyI1Njk2ODEiOiJkIn0%3D
.bgca.org/	1970-01-20 20:38:05	Name: _ga Value: GA1.2.1331364226.1681325376
.bgca.org/	1970-01-20 11:03:31	Name: _gid Value: GA1.2.661438469.1681325376
.bgca.org/	1970-01-20 11:02:05	Name: _dc_gtm_UA-3761046-2 Value: 1
.bing.com/	1970-01-20 20:23:41	Name: MUID Value: 2630707A1B1461D20E4A628B1AC660C9
.bgca.org/	1970-01-20 13:11:41	Name: _fbp Value: fb.1.1681325376224.1237103573
.linkedin.com/	1970-01-20 11:45:17	Name: UserMatchHistory Value: AQLzdgp0rNrzggAAAYd2zULUjw6x5n8V-W4A_tLFjcK4-ghTgFoXSc9MLY1bayo3GM9E3j8xkr-3XQ
.linkedin.com/	1970-01-20 11:45:17	Name: AnalyticsSyncHistory Value: AQKXkxWqma55ggAAAYd2zULUSeBx6465tGhzIcJGN_jHodmnmONy-xGZhr2vaG2kwPBXUpcF8u7lwgZ4IePlEw
.linkedin.com/	1970-01-20 19:47:41	Name: bcookie Value: "v=2&73e2a9e2-6f73-4547-87f8-ac39e7e87335"
.linkedin.com/	1970-01-20 11:03:31	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2544:u=1:x=1:i=1681325376:t=1681411776:v=2:sig=AQEglc1d6MTxwemYKT4AaFNjP13WpZUF"
.mathtag.com/	1970-01-20 11:45:17	Name: mt_misc Value: mt_bt:1
.bgca.org/	1969-12-31 23:59:59	Name: fundraiseup_session Value: {%22t%22:%22.bgca.org%22%2C%22s%22:%221681325375980%22%2C%22sp%22:2%2C%22x%22:%2210%22}
.bgca.org/	1970-01-20 19:47:41	Name: _hjSessionUser_515392 Value: eyJpZCI6ImY5NmJjYzNkLTI5N2ItNThlNy04NjE4LWUwYWI5M2MwMmVlNyIsImNyZWF0ZWQiOjE2ODEzMjUzNzY0NjcsImV4aXN0aW5nIjpmYWxzZX0=
.bgca.org/	1970-01-20 11:02:07	Name: _hjFirstSeen Value: 1
.bgca.org/	1970-01-20 11:02:05	Name: _hjIncludedInSessionSample_515392 Value: 0
.bgca.org/	1970-01-20 11:02:07	Name: _hjSession_515392 Value: eyJpZCI6IjJlMTg0YWRiLTZiYzUtNGJhYS05YmJjLTQ0ODNmNjcwN2RkMiIsImNyZWF0ZWQiOjE2ODEzMjUzNzY0ODMsImluU2FtcGxlIjpmYWxzZX0=
.www.linkedin.com/	1970-01-20 19:47:41	Name: bscookie Value: "v=1&202304121849366ce7a29c-13ed-40c2-8304-4449e4ce8430AQG1q1iBnjHfCyduqhkn-XgqReBDBLvI"
.linkedin.com/	1970-01-20 15:21:17	Name: li_gc Value: MTswOzE2ODEzMjUzNzY7MjswMjFGaDQ8J6XSpHkB4BeQ1MYWWraTKxqyrX1zUfXvkrTwjA==
.bgca.org/	1970-01-20 11:02:07	Name: _hjAbsoluteSessionInProgress Value: 0
.bgca.org/	1970-01-20 11:03:31	Name: _uetsid Value: c57ee7d0d96211eda2470d08ccdb74ad
.bgca.org/	1970-01-20 20:23:41	Name: _uetvid Value: c57f0d80d96211ed9105c10ecefacbd4
.paypal.com/	1970-01-20 20:38:05	Name: ts_c Value: vr%3D76cd46821870a57167315d9bffffffff%26vt%3D76cd46821870a57167315d9bfffffffe
.doubleclick.net/	1970-01-20 20:23:41	Name: IDE Value: AHWqTUlOKBblYMSe3UgUQubcTbuE77qr9Q8YEE4XN1Nuc7V695jFm4M7bQX1P1DFHuY
.google.com/	1970-01-20 15:25:36	Name: NID Value: 511=Q7-9a5eP3Zp8yURguxUCPmirTo--C7bk7wf07YIWl2Izkuf2hFCVoJLnhSJHNNH7ru26PPf1V5mBBvpRcwKlosQE57kTU8OYgQMcsXUBQf685adi4_2fJ3UeR0bpb7CZPenFB8mMu338g490tK49ug53TbEel6ohPzjdpzETQ7Y
.lightboxapi.azurewebsites.net/	1970-01-20 11:02:08	Name: TiPMix Value: 73.920499150014
.lightboxapi.azurewebsites.net/	1970-01-20 11:02:08	Name: x-ms-routing-name Value: self
m.stripe.com/	1970-01-20 20:38:05	Name: m Value: 4582d290-6fa9-463c-95ad-de619d3d6c20c58d57
.bgca.org/	1970-01-20 19:47:41	Name: __stripe_mid Value: 2df31d7f-499f-4c8f-9535-5e47079c6afc36125e
.bgca.org/	1970-01-20 11:02:07	Name: __stripe_sid Value: a40c4058-a15a-4837-8d6b-d13e378b22dc0e1703
.paypal.com/	1970-01-20 19:47:41	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 11:02:36	Name: LANG Value: de_DE%3BDE
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY4MTMyNTM3NzkzMyIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 11:06:24	Name: tsrce Value: targetingnodeweb
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AP2XY8InVGPqjxY19fXrrQLjbwrJfmmGb.k9SeEKi9CMzJDo2zyX11Ga92UXxfM6x40zUfGDhfRfk
.paypal.com/	1970-01-20 11:02:07	Name: l7_az Value: dcg13.slc
.paypal.com/	1970-01-20 20:38:05	Name: ts Value: vreXpYrS%3D1776019777%26vteXpYrS%3D1681327177%26vr%3D76cd46821870a57167315d9bffffffff%26vt%3D76cd46821870a57167315d9bfffffffe%26vtyp%3D
.paypalobjects.com/	1970-01-20 11:03:31	Name: paypal-offers--cust Value: null:null:null
.bgca.org/	1970-01-20 20:38:05	Name: _ga_RZHZDDSPW0 Value: GS1.1.1681325376.1.0.1681325379.57.0.0
.casalemedia.com/	1970-01-20 19:47:41	Name: CMID Value: ZDb9Q.X3dQruReH73TvBegAA
.casalemedia.com/	1970-01-20 13:11:41	Name: CMPS Value: 3399
.casalemedia.com/	1970-01-20 13:11:41	Name: CMPRO Value: 3399
.bidswitch.net/	1970-01-20 19:47:41	Name: tuuid Value: 981f0145-bd7c-4e4f-8dc7-8c7393e6a886
.bidswitch.net/	1970-01-20 19:47:41	Name: c Value: 1681325379
.bidswitch.net/	1970-01-20 19:47:41	Name: tuuid_lu Value: 1681325379
.yahoo.com/	1970-01-20 19:48:02	Name: A3 Value: d=AQABBEP9NmQCEKCPePMCbvHISXP5RjKpMyEFEgEBAQFOOGRAZAAAAAAA_eMAAA&S=AQAAAkfaCwOtRHoNfyWJLbRiUaQ
.pubmatic.com/	1970-01-20 13:11:41	Name: KRTBCOOKIE_27 Value: 16735-uid:28076436-fd41-4d00-87b1-223d3c27a023&KRTB&16736-uid:28076436-fd41-4d00-87b1-223d3c27a023&KRTB&23019-uid:28076436-fd41-4d00-87b1-223d3c27a023&KRTB&23114-uid:28076436-fd41-4d00-87b1-223d3c27a023
.pubmatic.com/	1970-01-20 11:45:17	Name: PugT Value: 1681325378
.tapad.com/	1970-01-20 12:28:29	Name: TapAd_TS Value: 1681325379673
.tapad.com/	1970-01-20 12:28:29	Name: TapAd_DID Value: 6861c8f2-d8ad-4816-947d-8625f4eb0341
.analytics.yahoo.com/	1970-01-20 19:47:41	Name: IDSYNC Value: 175u~2b1u
.adnxs.com/	1970-01-20 13:11:41	Name: uuid2 Value: 9182310181545180246
.360yield.com/	1970-01-20 13:11:41	Name: tuuid Value: 9b5c43a8-7eac-42ab-b41a-b8dc4be1c1fe
.360yield.com/	1970-01-20 13:11:41	Name: tuuid_lu Value: 1681325379
.tapad.com/	1970-01-20 12:28:29	Name: TapAd_3WAY_SYNCS Value:
.360yield.com/	1970-01-20 13:11:41	Name: um Value: !5,saipL5qrfK6cPPdiliM5vMXzkDXEPPXBbeHZaeCkdgxfmltidUywnAh4EoOs40Kjc-I,1689101379
.360yield.com/	1970-01-20 13:11:41	Name: umeh Value: !5,0,1743533379,-1
.ads.stickyadstv.com/	1970-01-20 12:28:29	Name: uid-bp-529 Value: 28076436-fd41-4d00-87b1-223d3c27a023
.ads.stickyadstv.com/	1970-01-20 11:45:17	Name: UID Value: b146f64daebfcea12b6a8e51c3ab15
.zeotap.com/	1970-01-20 19:47:41	Name: zc Value: 88479507-6ae3-494d-7fc9-f6bdf6e2b234
.spotxchange.com/	1970-01-20 11:42:24	Name: audience Value: c7a6c891-d962-11ed-8cb9-155da6fd0106
.semasio.net/	1970-01-20 19:47:41	Name: SEUNCY Value: 6524DE4F77DAD8DE
.adscale.de/	1970-01-20 19:44:21	Name: uu Value: f526829f89db41fe92855119cb9f3ae8
.adscale.de/	1970-01-20 19:44:21	Name: cct Value: 1681325379814
.bluekai.com/	1970-01-20 15:25:36	Name: bku Value: ROW99Ww2BZxj3oR/
.bluekai.com/	1970-01-20 15:25:36	Name: bkpa Value: KJy91QeBd02pSUHknpx6BeQdSVx21MQyBpR61pR+jZx61u66je9ynEQlRMW+1M/pjeBM1M5C1e/p9yOxkx0i
.ih.adscale.de/	1970-01-20 19:44:21	Name: tu Value: 4#1036746156#39~28076436-fd41-4d00-87b1-223d3c27a023~467034~0~0
.sxp.smartclip.net/	1970-01-20 11:45:17	Name: uuid Value: cbb958b2-43fd-3664-4dbb-c199e23aa2ad
.sxp.smartclip.net/	1970-01-20 11:45:17	Name: dspuuid Value: 40.28076436-fd41-4d00-87b1-223d3c27a023
.sxp.smartclip.net/	1970-01-20 11:45:17	Name: psyn Value: 19459.40
.id5-sync.com/	1970-01-20 11:02:05	Name: cf Value:
.id5-sync.com/	1970-01-20 11:02:05	Name: cip Value:
.id5-sync.com/	1970-01-20 11:02:05	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:02:05	Name: car Value:
.id5-sync.com/	1970-01-20 11:02:05	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:02:05	Name: callback Value:
.agkn.com/	1970-01-20 19:47:41	Name: ab Value: 0001%3AzidewDYQHCtUDGMIEsKiMjfQdPJU24%2F7
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85184\|ZDb9R
.mathtag.com/	1970-01-20 11:45:17	Name: mt_mop Value: 4:1681323486\|10025:1681323486\|21:1681323486\|10089:1681323486\|10008:1681323486\|10004:1681323486\|36:1681323486\|10040:1681323486\|10009:1681323486\|10010:1681323486\|39:1681323486\|10031:1681323486\|44:1681323486\|10017:1681323486\|50:1681323486\|10074:1681323486\|26:1681323486\|13:1681323486\|9:1681323486\|10092:1681323486\|42:1681323486\|5:1681323486\|10041:1681323486\|10072:1681323486\|3:1681323486\|17:1681323486\|30:1681323486\|15:1681323486\|276:1681323486\|46:1681323486
.crwdcntrl.net/	1970-01-20 17:30:50	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 17:30:50	Name: _cc_id Value: ee5a51afe1a67eebc04f8b3e17e21fd4
.agkn.com/	1970-01-20 19:47:41	Name: u Value: C\|0AAAAAAAAK8m5wwAAAAAA
.adform.net/	1970-01-20 11:45:17	Name: C Value: 1
.adform.net/	1970-01-20 12:28:29	Name: uid Value: 859336912867273605
.demdex.net/	1970-01-20 15:21:17	Name: demdex Value: 16651797359068646741759614384172385183
.dpm.demdex.net/	1970-01-20 15:21:17	Name: dpm Value: 16651797359068646741759614384172385183
.krxd.net/	1970-01-20 15:21:17	Name: _kuid_ Value: PfdXufZ1
.liadm.com/	1970-01-20 20:38:05	Name: lidid Value: 70fd50a8-fb1d-45dc-aa17-bee9f669a769

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://static.fundraiseup.com/checkout.772ea11015f52543226a.js Message: Allow attribute will take precedence over 'allowpaymentrequest'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://idsync.rlcdn.com/361087.gif?partner_uid=28076436-fd41-4d00-87b1-223d3c27a023 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ad.360yield.com
ad.sxp.smartclip.net
ads.stickyadstv.com
api.fundraiseup.com
api.userway.org
bat.bing.com
beacon.krxd.net
bgca.org
cdn.fundraiseup.com
cdn.linkedin.oribi.io
cdn.polyfill.io
cdn.userway.org
ce.lijit.com
click.e.bgca.org
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.adroll.com
d.agkn.com
dpm.demdex.net
dsum-sec.casalemedia.com
eu-u.openx.net
fndrsp-checkout.net
fndrsp.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
js.stripe.com
lightboxapi.azurewebsites.net
loadm.exelator.com
m.stripe.com
m.stripe.network
maps.googleapis.com
maps.gstatic.com
mwzeom.zeotap.com
pay.google.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
play.google.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.stripe.com
redirect.userreport.com
region1.analytics.google.com
resources.xg4ken.com
rtb-csync.smartadserver.com
s.adroll.com
script.hotjar.com
se.semasio.net
sentry.fundraiseup.com
snap.licdn.com
stags.bluekai.com
static.fundraiseup.com
static.hotjar.com
stats.g.doubleclick.net
su.addthis.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
t.paypal.com
track.adform.net
ucarecdn.com
uip.semasio.net
uipglob.semasio.net
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.lightboxcdn.com
www.linkedin.com
www.paypal.com
www.paypalobjects.com
x.bidswitch.net
q.stripe.com
103.229.206.241
104.26.5.251
13.107.42.14
13.111.45.29
137.135.91.176
141.95.33.111
142.250.74.194
147.135.78.45
151.101.1.21
151.101.128.176
172.64.129.3
172.67.72.38
18.164.52.121
18.185.199.79
18.185.209.202
18.198.69.109
18.66.97.37
185.64.189.110
185.80.39.216
185.86.139.104
185.89.210.46
185.94.180.126
188.114.97.3
192.229.221.25
2.16.238.146
2.18.233.201
2.19.224.115
2.23.197.190
20.40.202.0
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2a
216.52.2.39
2600:1f18:ed:550f:b16d:e001:514:e364
2600:9000:20eb:4600:2:53b2:240:93a1
2600:9000:2113:f800:6:9280:1080:93a1
2600:9000:223c:1000:d:b853:c880:93a1
2606:4700:10::6816:1957
2606:4700::6813:d383
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:800::200a
2a00:1450:4001:811::200e
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c02::5c
2a00:1450:400c:c0d::9b
2a02:26f0:3500:11::215:14dc
2a02:26f0:3500:16::215:148d
2a02:6ea0:c700::11
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::282
2a05:d018:cc3:fe05:c272:fe68:50ad:1ea
3.127.96.147
3.67.140.136
3.75.62.37
34.111.113.62
34.194.16.253
34.238.211.149
34.247.20.4
35.167.148.162
35.186.194.101
35.244.159.8
35.244.174.68
37.157.5.141
52.32.105.92
52.50.220.58
52.51.47.150
54.186.23.98
54.78.84.139
54.88.204.97
69.166.1.12
69.173.144.139
77.243.60.138
01014fb5bed5e21b7ae3ca6d476b9b24617c8b2077dd96fab4836697f1476e01
0519550f325eca62edfe45307432d9f1d605be50c4e1c0c22efc3ad80eb829f9
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
065d26617564050e204f98c5987d4c8cfa8e81f7d54b07a96e73c5f6706f7528
067d089951c4b7849dc363030fe0a0f41495709b2a7496a5c10d13eeb56a55f0
0762cd74165ef3a33018c9c79b5ee29dda63ea894d90da2e7b16003018f0fa4f
07ba9a74a6c7ca4c17d697156e8ed01d49de7ce21e369b28323daa6e7d17ac3c
07c75ddac48f48c04ee0233c3f16f3e25b247e6f9f3e8c6a7810fcd462b51e14
0842843d1561f03fb7029eee70ecebdd203acb8c9679c1cbeb6b889bf53fe89d
08464564f3826ec55e511bdeaeac88f72c9e6e9f6765c803f6f3e5925d527388
0963455d15fe0d8135c83e908b7e01f546b388c0bbfaf55cfe6f20316a7cf279
0ace9ddb4ab1609c7dea7d1fb579acf3723b9c435a7a090ee41712e28857003e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8c84943cbb1a1f05e8039cd8c105c71940533e31bc9e9b031512985381ce2f
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0d4babde41db04eee4598374bfcf9b9447c40e3c8e88e7b76b865807e62d9ac7
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
0fab0327dac3172b38b41a2d89e319adee7f823e35ec8c089ee3f1619200a403
11a17cdb21234eea3e0fe8a5da355f596f8332f29b20bdcb346707516abd21da
11af59d98c80819d17ceea3d816cbe145346e11cf556059e1a1d0f405c839603
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
12efbe5d74ad77912fa70fea5fe914237cbbbf36fa8f7804b0691d4cf1d076fa
12fad3da27b3d9948b6d8ce4f304269296e6811b901ceaaadc560435f82e48ec
12fc0481cb87c7cf88fb62d0c6d057eab4015ed665472864e92b9227c2d801d1
14bf6d6aec8ee5b71710e2bedf5d7133be0e811709aaa27428a127da3a51ab99
15a461156d5255ece146f2e37a7cc4e3b136d882a571b9a52b2e94c08d397282
18d4d42e3d0c57090d0a859c147d8d138628336d0be560ed3d62c2b1f328dc91
192dde09bba7f25598a637ddd4bffea3640fd355ad5824c6df53bacc16d98bba
1ae2838948e4994978ea16176900e65292066e137f1546de1d2ef876bb036978
1bd1099e311a35983116e7e940f720491094569524f6927991d57abf3416b016
1c08301de637568359663263d80c1a73f053c83ceadcee9b591367bb35e203ab
1c2c06cfdd3c10175167819de5d010f4759b9088bbdade30e7c1eaa2c6afcbf4
1c649ccd3175950a89a24ed7311398f799dcca41c2bbf89ca1adc8654755244a
1cf0ea2d930d4583835bac8eb052ca66a252b2c02be054bbb11e427ad2fea641
1dc92901552250491ba8056b1681d80e3fe9222b5709f883b82e5539f54d7b21
1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10
1eb196ecfce8ea0d405fcac728fdf0d8b6a60ba442ea9a8b4e086f339deef989
1f5f88e302553dd32837163f3ea0295663dd25a954b5d8e4f4c60a59b15c2538
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
20b8a74f24c52c8c65547e59b12f7913df7b1679683f844aae9a5e801de9e60a
2321b0b4b86922c08bf69ae27a0e74d17ef5d8d0c1344e57485f8b940bd8e08a
2421b5ca61a41cc4c97e3ee6eb225bc1afce257760423873298c0a146fa9f873
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2d989b47e54d68dc2799509c5bc25d088b260a1f2882fd882c36035c8a5983d7
2f16687d84bbf3901d8079cdb3825fc704ee78c0ac262ed489a85757e55b20ad
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7cf331c60a8ef5c82170a275908144ce7404e77a3f7a37b37d7121611d1e71
2ff26da48ed878195ca3797be1205e10c8489084ac016512b2bfa5941f7a9363
302a0129797291d2ad622c4f829fc63d0c49f6c6b964b098fd0839d47a73a52b
30c9bc266ab826829ac842daa55ff0ed0cc57d094225407cf26ff75040720ee5
3348ea72862a663c65a62dcaf540bde68f8fba140f2ccd1df4d8b9efc0ed0bab
3365e8967b57d4ca75251668ed486b2e6fb3983caa149f133af34b989b1c78f1
34e4939e40a2f29678b84e180b0be2ecde0fd0d35cf5f000b7ea028c787266cb
36fc9410b3f02fdce5060168717a2182c1275ba8f116f257661b6deaa2851ee9
3ea0d0c42c649dfd7d637e5aaedede51c820ca48a6e89c9ab54dd4b0aa75a5d2
3ea77227b6346e5d45814a68f53cc47e948b9bcc890f84dab91583f567bda1a0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40bee9119cd400346a475af2925e1aaed3138ad5b3891263bfe00d80ea8ab290
40e6aba6bb0a9252648df2d53b3a1b5b66f51736323860eab807b9b7f927d15d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b60494a2e29c2e5a727c75ec5ba6236e458bbd522acf0d300dccbe84fc65d2
45b762459e23c0f0804f44d708b1574262a1264e61881e90aa37432b1451fc26
476f8b050c658771089a8967032440278babf3d669a6e9b7047343610c1725fc
4812cf4a078168d4a1338dc71eeb59def7a0699ac3535d3f6016e79832a054a0
4a9508d1b930239dc0fa249afc784febd3ba9b3506f8e258585a87e7de05a6aa
4b6895a273c502d52df85b832d217d6890c61b1903656fd34874c5a2e8290fa7
4c2a704595ba3af2621390272beeae09245bf7dfbacaeb1bc9dcde21c6d3d8b3
4d162e2e14ac35ef111f3e0ba689543a62a2b596a0c8bd15d4fc99370ad4e9a6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e59e298c05305797769c8afc96d790ba88e727807151b4859b06f117243d3a2
4eaf66587b00daefa7dbff8bda78c9d1ddb0a160f632985c00e9979e64abbb8c
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50f11135d4c98928f91c369d0c99a94e4b5871f6f6db43e39201a6f3cce65a9b
5456b81e8b054a26bf37738ea95f8474e0d1602d13b9272bd2827327b8cf8b38
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c90f7c5b7eaaf96553687a93d3a900c1259d61282078a1c976ebf20d302a85
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
585fe900a7b553ca5ceb600be426d051929b39bd0f4f1869231c85fc32101fb8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5f0bd76e72ed7178e96803461c7c30254b2505ae102f06c57ab534de0d803913
6035e43b5da22b1551c7d63d93aba85fa822bb0126d6a04c837e87a2faaafc76
6104004035bc73f193363f4fe3f77160ec3e7d49d5774426235d727b29270e62
61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c
6245d11d6830aa20d922f455491e1886e785045acfcb54cbe84734a63eed01e9
6269bafb85bd4d4fed6589655f7e0b8b612397226168098f95d3507848075f6d
629074e6c4a51683788693742c8faa83dffcf45e42d0467d35023631531cf54b
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
64ea44ee4a3c27180a39a3c722198b69c28708474c792d759a6f3a0ee7a5e14d
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a3e9185e9e7de7a7305922fcef261f87ba5d7fb984485e4f5cf1504048d1b6a
6bf1a7bd0bbe3cace570ba9ec210d4a84435654e89b4b155471c7966fcef0715
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e8eac29420bfd7ebf4daafe835d7e4c386ec88ec7031a0c442d4f6ed186463c
6ee81cdf4c23f8b478412d25e81e9e4dea778569811c431d8f4a2fb5e75c4682
6ff49d262f4935789b68cfeed4a0a84df1ef7571615050f58a3f6dabcf1e8b77
7091d10e1a06dc8738ea5a6941052cbd2cdda8237f5e1dd0c7aa312d054075d5
71c617e21aaed6237206d6afe6bd4b08e6c01ce262cfee59a2424232ce6a8bd6
732e7eeb9a4a0a0bb43b94f94ef1766ecefc7b58240e0ff6d1fdd3b669bb0997
76f0ee0adf326bdc25aa3ce3fee554bbfb065f07510cd6d78370d124c79835d1
798ca8b044e8abd17236fa074c9ac96b3107a06421f7078fd96f8361dd13ad5d
7aa1a9952725346671b853a2a5846e28b0a65aa53a66b4cb4006436f56054d2d
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7cb2203c7d59f9631e0d429c5f3ca44f2591727dc0941c5612313e7b9dccbc9f
7dc18724f7a94bfed732bcbbb074186d78593b9094207f2f8a65a3ffd2524c33
80dfd2eab9f4efcdadf832eea3c62b0fb48b1d864b95639c8c42e7572495ae0e
81acf92bc595059670c0c0c9b0686f8322278490b88d6d9ba8f694b5c7274b98
82bcb67b0b877046e48d19613167ca16f29a8658399772be1b48680646d79f30
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
872bf83fc553470e90416b207bdacbb23c2117e62658df5b1b44d6403c276542
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a15898211c31c6e0d1cdf0793d6835a49df6f05f95266dbb12243f199d577f6
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9051a9e9317137b0f6b40af4502717a6ab3cb2fb0073f689bbfb7393aea74df5
91d9f7a1c861f5fedbe0cf405ee20e23f561ba14278023693685ee4c8c85239e
9506e03568e0e4d2a990071e8d46b62842329c4f19d3bc13229cf295c55c178c
9650c73362d0583a5ab76de10f5186a02b9e321d79612a52d14c2b49daaf8afa
970e06df6852bb17ec95558e6c5dc67f86ccd923a2278904e04f5303f148fc79
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
9909bcd8b5fa2b50742367b64a90fecff8b25b63af257d9845f015fa7c6ad3ec
991a9cb113797a6ac60741d28d56a5e6daf7e188e11cf4d3863e54d0bceede36
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9be4d70b180bf284eaaa01ba78d6daab8782a277af2c537dcf2745ed3465d476
9c4b023c5d1475e42bdc3b9dab1ba6192c6bb601062f28a6966c8c662f67343d
9cac943beecbb303023c4ccdee382932a8cb0f05e4e36db2b125ecd522bc972f
9cc66c25fed318c86075748cff18f10625da5d734238a90e0efed1ca5ae71445
9d2a1016a1ac98f47e2e73c0f2e5503583a1fb74402c757bb1cf63d0bd302375
9fa3de8facd380a933c2b4705a7700ee2511abdf7d84f32fc28444368096c7ff
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13143be4f955b2d9d6d646a02436e74dd5f0bd1a8feeb4a637d17160831182d
a1639f5665472e8f062923d3ff20b0de33a49fa33f0c7fdbd90d949b016ec240
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a46c4dfb877a33939c70ff8348140c505f3d1c6ead31a3bd76e4ffe91a95cc20
a5148dcc73f4c450e448a98a3ae7a68d830b0c4e455b4cdfafaf12e384dbb39a
a51fe8748fc11fbacd6794f728e890abd4a6b3df15d6d282f0d733f915ec7c31
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6790e55c5fd96d34a44a8aeabde02fbfca7fe82f8d4d4afe24d510e77e4ad1d
a958b3f616d681c715832cae2452bdf2c48b11d68c93f21ca7c513f1289b557a
aa3e1fc1ae03041412d4036a453d1b86fac3adbefae7fd5065535a6b71b19442
ac0eed0925278f6e9e12505feb97e74e706ce28dafbf9a5463ecdfa2d532a5f1
acc5290164b4f690b6ffecbd6b02084541a4c2056828e16ebee3d585410a3b1f
afc9799bf086d2013803fd1746c57d23d772017f06c83708e482b4a2c200822b
aff2c5d0d2c07a0eb018fb08af529b7de87f328fb1c7882dda21dfac8a2ebd7d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3317edb36ae2953f386b91e2dd78698347bcfe17cfb655a27e150763f7905b1
b95b5de946b3a61f245008d6ccca4d7d182674ffe98222684b562727a4bb8c45
bbee68a53e3ff4a0e042a78844d680869b3c959b5be2684d1e264b2c87ec2209
bc30db248b77caa03b0486f54d262b34e783964a09abd11df80a885278a182b0
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c689470f678761db18d122634f3ca051416f23886e09ba5ad16dc08d4770f838
c92e0254c8f108457041eb58ff0a4a62d998e38e48fba7c91a316521acdd9629
c9f6eccb1eec474166058e27143b83b6b525d7f84f3ef27415994357cf81ca80
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc656953415eb31288d7b4c9a72b21054cea9b5c51f5b96e9482ab8055b19e4c
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cdc2e1f2b46955fc18ac57ae77fc352edaa1487ed2fedc28862d5117d9e248ed
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf48a5a4150d028998dcaa89f11931daa791195b12a13470fa361399f57eb0d4
d43b57fd5e21f63677fd4ecf138074c18689143e7c4ce83e8906aeeb875d1310
d6ca03fd3627bff282ed519cf48dd2fdd5a88d29ee2176d4de3bfb61be54c2d7
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
daab4a16cf14de6fa4654845903efaf7767f3fc113d73ea3d15b7f6d875c1131
db1e6f29aaa1a966de25e65c81d869db453dd47ce0be0c6d5fa4f0ee44df707d
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
db95e7226c35cb93748ff48e5d41c1c1da39f91d5567fe97a1c96bcb51317609
ddaae4f658a2b6dbc11c6b95482d3abc3fe9a4e7c9debd1bc13cb82b3eac2731
df8944bf0e8d9596e393a10db0408637c20c4a38f59e3d08c10c643a26795576
e14e48313f6052f54c6e014a7dca745d23d11bbca5dc3c2b4dd5690fe5857450
e2ac51b2f54f5d47da9da461a38233c15951ad4533ca10b40d7afe9e8139714e
e37be60b6f45068c6a8d7ede2ee32af071513677a5591fa1424603294d7187d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40956cd769c1357fd7a8ec0629155ac799c5055ac6ad3f3efccb86192b054c7
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8e8057b68ce3dc12bf5abcaa36a9d9ed9bcc2dea8faf5957d5ec60368d97bf7
ee00d52d82e3c533665ba6d987f703609403212bb3ea1ec4a1c7e5adeee943fe
ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f50b9bf1a91f14edd5986100acdc7aa27b867f8b7539d11aac594c8469792b09
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6bba823ed703b337012037bdb862a7a1e09fcb30c2c89840f661790bff56950
f7c20cf0b1ce979ae7e6083bb8f354d23315532925a552612b7ad40daa0aecff
f88ca502131bda284172174db34ddf1cb50f309e9aaf6eac29d2e1b8e0f8e29f
f8b48f24405eb1070d1bb82aa62d586b1e3561ddeb25aabc862824fec1f2eed8
f8bbd0e370f267b7ddac733af065cdd842db5a483cd28174c7f200fcf3a05c64
fa56f8ad590e2a9551421a208b7d94046e36bc736720428f94ab514899e0f8cd
fbaaba78357d4ed64648de8c0b4d969a5422ec1a384a382fdf82e034aa07da53
fedc9a5ed3d075f3a8a120ea6a4c67c0d605a864db0b91c808a4d66e3ab19a46
ff3dea72b50d325069410d9803d21d6c5fd550fbdeef6e9aef8e24de44c01167

bgca.org Open in urlscan Pro 137.135.91.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

348 Requests

89 %HTTPS

36 %IPv6

61 Domains

89 Subdomains

72 IPs

10 Countries

5929 kBTransfer

17869 kBSize

97 Cookies

19 Outgoing links

Page URL History

Redirected requests

348 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bgca.org Open in urlscan Pro
137.135.91.176 Public Scan

Screenshot
Live screenshot

Full Image

348
Requests

89 %
HTTPS

36 %
IPv6

61
Domains

89
Subdomains

72
IPs

10
Countries

5929 kB
Transfer

17869 kB
Size

97
Cookies

348 HTTP transactions
1 data transactions