www.wta.org Open in urlscan Pro
172.67.71.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wta.org/
Effective URL:
https://www.wta.org/
Submission: On December 23 via api (December 23rd 2023, 12:13:56 pm UTC) from AU — Scanned from AU

Summary HTTP 332 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 55 IPs in 5 countries across 40 domains to perform 332 HTTP transactions. The main IP is 172.67.71.26, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wta.org. The Cisco Umbrella rank of the primary domain is 741780.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 10th 2023. Valid for: a year.

This is the only time www.wta.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.26.8.125 104.26.8.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
46	172.67.71.26 172.67.71.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.38.129.67 23.38.129.67	16625 (AKAMAI-AS) (AKAMAI-AS)
5	172.217.167.72 172.217.167.72	15169 (GOOGLE) (GOOGLE)
2	142.250.67.10 142.250.67.10	15169 (GOOGLE) (GOOGLE)
6	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
13	104.18.197.95 104.18.197.95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.250.66.227 142.250.66.227	15169 (GOOGLE) (GOOGLE)
14	104.18.124.73 104.18.124.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.217.24.46 172.217.24.46	15169 (GOOGLE) (GOOGLE)
2	172.217.167.98 172.217.167.98	15169 (GOOGLE) (GOOGLE)
2 12	18.67.93.14 18.67.93.14	16509 (AMAZON-02) (AMAZON-02)
12	104.19.148.8 104.19.148.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.251.221.78 142.251.221.78	15169 (GOOGLE) (GOOGLE)
2	142.251.175.157 142.251.175.157	15169 (GOOGLE) (GOOGLE)
4	142.250.66.195 142.250.66.195	15169 (GOOGLE) (GOOGLE)
25 29	18.136.156.172 18.136.156.172	16509 (AMAZON-02) (AMAZON-02)
2	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
3	142.250.71.68 142.250.71.68	15169 (GOOGLE) (GOOGLE)
2	54.192.150.73 54.192.150.73	16509 (AMAZON-02) (AMAZON-02)
2	13.227.254.86 13.227.254.86	16509 (AMAZON-02) (AMAZON-02)
5	18.67.111.24 18.67.111.24	16509 (AMAZON-02) (AMAZON-02)
1	104.16.56.101 104.16.56.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.213.81.7 13.213.81.7	16509 (AMAZON-02) (AMAZON-02)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.16.123.175 104.16.123.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.246.128 108.138.246.128	16509 (AMAZON-02) (AMAZON-02)
27	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	142.251.221.66 142.251.221.66	15169 (GOOGLE) (GOOGLE)
1 3	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	66.225.223.95 66.225.223.95	3949 (NTTA-3946) (NTTA-3946)
2	207.65.33.82 207.65.33.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	13.228.126.19 13.228.126.19	16509 (AMAZON-02) (AMAZON-02)
2	141.226.229.48 141.226.229.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 3	35.71.178.8 35.71.178.8	16509 (AMAZON-02) (AMAZON-02)
1 3	103.43.90.53 103.43.90.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.190.88.7 35.190.88.7	15169 (GOOGLE) (GOOGLE)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
2	192.229.237.25 192.229.237.25	15133 (EDGECAST) (EDGECAST)
6	142.250.71.74 142.250.71.74	15169 (GOOGLE) (GOOGLE)
35	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
12	64.233.170.92 64.233.170.92	15169 (GOOGLE) (GOOGLE)
2	18.67.93.106 18.67.93.106	16509 (AMAZON-02) (AMAZON-02)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
4	44.228.215.240 44.228.215.240	16509 (AMAZON-02) (AMAZON-02)
2	35.186.205.6 35.186.205.6	15169 (GOOGLE) (GOOGLE)
2	142.250.67.3 142.250.67.3	15169 (GOOGLE) (GOOGLE)
1	198.202.176.201 198.202.176.201	16509 (AMAZON-02) (AMAZON-02)
12	172.217.167.99 172.217.167.99	15169 (GOOGLE) (GOOGLE)
36	172.217.167.110 172.217.167.110	15169 (GOOGLE) (GOOGLE)
332	55

1 104.26.8.125 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wta.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 172.67.71.26 (United States)

ASN13335 (CLOUDFLARENET, US)

www.wta.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.38.129.67 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-129-67.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.167.72 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.67.10 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.18.197.95 (None, )

ASN13335 (CLOUDFLARENET, US)

sdk.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.66.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.124.73 (None, )

ASN13335 (CLOUDFLARENET, US)

give.wta.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.24.46 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f46.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.67.93.14 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-14.syd62.r.cloudfront.net

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.19.148.8 (None, )

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.221.78 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.66.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 18.136.156.172 (Singapore, Singapore) 25 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-156-172.ap-southeast-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.71.68 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.150.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-73.sin2.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.254.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-86.sin52.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.67.111.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-24.syd62.r.cloudfront.net

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.56.101 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.213.81.7 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-81-7.ap-southeast-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.123.175 (None, )

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.246.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-246-128.sfo5.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.221.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.154.8 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.225.223.95 (Sacramento, United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.228.126.19 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.178.8 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.43.90.53 (Singapore, Singapore) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.88.7 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 7.88.190.35.bc.googleusercontent.com

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.237.25 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.71.74 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 64.233.170.92 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f92.1e100.net

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.93.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-106.syd62.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.228.215.240 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-215-240.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.205.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.205.186.35.bc.googleusercontent.com

notify.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.67.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f3.1e100.net

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.202.176.201 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.167.99 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 172.217.167.110 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f14.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	stripe.com js.stripe.com — Cisco Umbrella Rank: 1282 q.stripe.com — Cisco Umbrella Rank: 7730 r.stripe.com — Cisco Umbrella Rank: 3529 m.stripe.com — Cisco Umbrella Rank: 1245 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5257	1 MB
58	wta.org 1 redirects wta.org — Cisco Umbrella Rank: 709730 www.wta.org — Cisco Umbrella Rank: 741780 give.wta.org	2 MB
54	google.com analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2109 play.google.com — Cisco Umbrella Rank: 32	1 MB
41	adroll.com 27 redirects s.adroll.com — Cisco Umbrella Rank: 3061 d.adroll.com — Cisco Umbrella Rank: 1380	79 KB
22	gstatic.com fonts.gstatic.com maps.gstatic.com www.gstatic.com	531 KB
17	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2199 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 4875 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 4900 tracking.crazyegg.com — Cisco Umbrella Rank: 4175	183 KB
16	classy.org sdk.classy.org — Cisco Umbrella Rank: 45996 prod-frs.content.classy.org — Cisco Umbrella Rank: 42375 pay.classy.org — Cisco Umbrella Rank: 47051 assets.classy.org — Cisco Umbrella Rank: 49368	1 MB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 maps.googleapis.com — Cisco Umbrella Rank: 357	218 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	4 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	270 KB
5	rlcdn.com 3 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 408	971 B
5	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 5151	141 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	447 KB
4	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 599 notify.bugsnag.com — Cisco Umbrella Rank: 1295	235 B
4	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 491	594 B
4	google.com.au www.google.com.au — Cisco Umbrella Rank: 29909	777 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1230 syndication.twitter.com — Cisco Umbrella Rank: 1549	132 KB
3	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	1 KB
3	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	1 KB
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
3	addthis.com s7.addthis.com — Cisco Umbrella Rank: 3351	1 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 225	861 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1361	18 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	69 KB
2	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1293	733 B
2	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 859	931 B
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 689	574 B
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 339	2 KB
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 777	882 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	470 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	239 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	31 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 590	29 KB
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 4434	405 B
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 13515	43 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 857	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 26902	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
332	40

	Domain	Requested by
46	www.wta.org	www.wta.org
36	play.google.com	www.gstatic.com
29	d.adroll.com	25 redirects s.adroll.com www.wta.org cdn.transcend.io
27	js.stripe.com	cdn.transcend.io js.stripe.com
19	r.stripe.com	js.stripe.com
16	q.stripe.com	www.wta.org
13	prod-frs.content.classy.org	give.wta.org cdn.transcend.io www.wta.org prod-frs.content.classy.org
12	www.gstatic.com	pay.google.com www.gstatic.com
12	pay.google.com	js.stripe.com pay.google.com www.wta.org www.gstatic.com
12	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com cdn.transcend.io
12	s.adroll.com	2 redirects www.googletagmanager.com www.wta.org s.adroll.com d.adroll.com cdn.transcend.io
11	give.wta.org	sdk.classy.org give.wta.org cdn.transcend.io www.wta.org
8	fonts.gstatic.com	fonts.googleapis.com
6	maps.googleapis.com	cdn.transcend.io
6	connect.facebook.net	www.wta.org connect.facebook.net cdn.transcend.io
5	idsync.rlcdn.com	3 redirects www.wta.org
5	cdn.transcend.io	give.wta.org cdn.transcend.io
5	www.googletagmanager.com	www.wta.org www.googletagmanager.com cdn.transcend.io
4	m.stripe.com	m.stripe.network
4	us-u.openx.net	2 redirects www.wta.org
4	www.google.com.au	www.wta.org
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdn.transcend.io
3	ib.adnxs.com	1 redirects www.wta.org
3	eb2.3lift.com	1 redirects www.wta.org
3	ups.analytics.yahoo.com	1 redirects www.wta.org
3	dsum-sec.casalemedia.com	1 redirects www.wta.org
3	www.google.com	www.wta.org
3	analytics.google.com	www.googletagmanager.com cdn.transcend.io
3	s7.addthis.com	www.wta.org www.googletagmanager.com cdn.transcend.io
2	maps.gstatic.com	www.wta.org
2	notify.bugsnag.com	cdn.transcend.io
2	bam.nr-data.net	cdn.transcend.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.youtube.com	cdn.transcend.io
2	platform.twitter.com	cdn.transcend.io
2	sessions.bugsnag.com	cdn.transcend.io
2	sync.taboola.com	www.wta.org
2	image2.pubmatic.com	www.wta.org
2	sync.outbrain.com	www.wta.org
2	pixel.rubiconproject.com	www.wta.org
2	pippio.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	x.bidswitch.net	www.wta.org
2	assets-tracking.crazyegg.com	script.crazyegg.com
2	pagestates-tracking.crazyegg.com	script.crazyegg.com
2	www.facebook.com	www.wta.org
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	www.googletagmanager.com cdn.transcend.io
2	fonts.googleapis.com	www.wta.org cdn.transcend.io
1	merchant-ui-api.stripe.com	js.stripe.com
1	code.jquery.com	cdn.transcend.io
1	syndication.twitter.com	platform.twitter.com
1	assets.classy.org	www.wta.org
1	pay.classy.org	cdn.transcend.io
1	js-agent.newrelic.com	cdn.transcend.io
1	tags.rd.linksynergy.com	1 redirects
1	cdn.plaid.com	cdn.transcend.io
1	unpkg.com	cdn.transcend.io
1	htp.tokenex.com	cdn.transcend.io
1	tracking.crazyegg.com	script.crazyegg.com
1	static.cloudflareinsights.com	give.wta.org
1	sdk.classy.org	www.wta.org
1	wta.org	1 redirects
332	63

This site contains links to these domains. Also see Links.

Domain
wta.org
facebook.com
twitter.com
www.pinterest.com
www.instagram.com
www.nealmaher.com
give.wta.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-09` - `2024-12-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-01` - `2023-12-30`	3 months	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-27` - `2024-02-19`	3 months	crt.sh
give.wta.org Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M03	`2023-10-09` - `2024-11-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2023-05-28` - `2024-06-26`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-01-12`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
syndication.twitter.com R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.wta.org/
Frame ID: 32742FE07C42588BC8437015487FC561
Requests: 98 HTTP requests in this frame

Frame: https://give.wta.org/give/484340/
Frame ID: 26648D601B96652EEF3BA2355EF4ACEA
Requests: 99 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 509DBAB8B1FC5AF0DFDE9BACD0314C0C
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: 524F52B20BE78000035BF0BD39830797
Requests: 26 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
Frame ID: A631E048F2965F191AE8306E0385DE83
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
Frame ID: A79BE9A7F2DD358331DA79206B650A42
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
Frame ID: 374B5844E270E6B20143456FCCC89631
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
Frame ID: 2F4FDAC42E7D3568CF517CEA96E4C5A6
Requests: 5 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D7CA354112B99EFC47ACDD33B82BCF60
Requests: 7 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgive.wta.org
Frame ID: A749EF55A76AE2F70DF3D9C7F7A04251
Requests: 2 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0090/6935/site/give.wta.org.json?t=1
Frame ID: 3EA05BB0F21B576537C24827939B3065
Requests: 4 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: C034FF7D4802FAB6F1E5AA6209C8A480
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 5CB2C49396305586B5EBF99071D0DA36
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
Frame ID: 8CED658873AD98B829CF6620137962D6
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
Frame ID: A6AA7093D3D8C260D8F36A7B8C596375
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: D797AD4264D3FABFD70127B9867D6DF1
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Washington Trails Association

Page URL History Show full URLs

http://wta.org/ HTTP 301
https://www.wta.org/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Leaflet (Maps) Expand

Overall confidence: 100%
Detected patterns

leaflet.{0,32}\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

332
Requests

91 %
HTTPS

0 %
IPv6

40
Domains

63
Subdomains

55
IPs

5
Countries

8065 kB
Transfer

25496 kB
Size

60
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://wta.org/volunteer
Title: Trail Work Parties

Search URL Search Domain Scan URL

URL: https://facebook.com/washingtontrails
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/WTA_hikers
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/washingtontrails/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.instagram.com/washingtontrails/
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.nealmaher.com/
Title: Design:

Search URL Search Domain Scan URL

URL: https://give.wta.org/give/526022/#!/donation/checkout?c_src=winter23popup1281212

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wta.org/ HTTP 301
https://www.wta.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://s.adroll.com/j/pre/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 80

https://d.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&cookie=&adroll_s_ref=&keyw=&p0=1643 HTTP 302
https://s.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/I5T3ZRQJSJBB5CDQLBSTMS.js

Request Chain 96

https://d.adroll.com/cm/b/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

Request Chain 97

https://d.adroll.com/cm/g/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=HZ8UqwgjtLLwJfZDG1IXjg HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 98

https://d.adroll.com/cm/index/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expiration=1734869628 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expiration=1734869628&C=1

Request Chain 99

https://d.adroll.com/cm/l/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=1d9f14ab0823b4b2f025f6431b52178e HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogMWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGUQABoNCPydm6wGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=f445d52d4a033f2dcbbb91b1cc85a2aaa3c19619def21cd1d8400a92d04e89cf791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmNDQ1ZDUyZDRhMDMzZjJkY2JiYjkxYjFjYzg1YTJhYWEzYzE5NjE5ZGVmMjFjZDFkODQwMGE5MmQwNGU4OWNmNzkxNDI2YjU0MTdkY2UyMRAAGgwI_J2brAYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmNDQ1ZDUyZDRhMDMzZjJkY2JiYjkxYjFjYzg1YTJhYWEzYzE5NjE5ZGVmMjFjZDFkODQwMGE5MmQwNGU4OWNmNzkxNDI2YjU0MTdkY2UyMRAAGgwI_J2brAYSBAgCEABCAEoA&google_gid=CAESEAmtoTbyxZSaYO0cGlyYb94&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=044eeb0a-b3a6-4a96-bf75-1dac7538e963

Request Chain 100

https://d.adroll.com/cm/n/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expires=365

Request Chain 101

https://d.adroll.com/cm/o/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=1d9f14ab0823b4b2f025f6431b52178e&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=1d9f14ab0823b4b2f025f6431b52178e&gdpr=0&gdpr_consent=

Request Chain 102

https://d.adroll.com/cm/outbrain/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 103

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 104

https://d.adroll.com/cm/r/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 105

https://d.adroll.com/cm/taboola/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

Request Chain 106

https://d.adroll.com/cm/triplelift/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

Request Chain 107

https://d.adroll.com/cm/x/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

Request Chain 208

https://s.adroll.com/j/pre/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 227

https://d.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&cookie=&adroll_s_ref=https%3A//www.wta.org/&keyw=&p0=2653 HTTP 302
https://s.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/I5T3ZRQJSJBB5CDQLBSTMS.js

Request Chain 254

https://d.adroll.com/cm/b/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

Request Chain 256

https://d.adroll.com/cm/index/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expiration=1734869630

Request Chain 257

https://d.adroll.com/cm/l/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=1d9f14ab0823b4b2f025f6431b52178e HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=3e8e6b34-a754-4473-ab51-df52c8ba3a6e

Request Chain 258

https://d.adroll.com/cm/n/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expires=365

Request Chain 259

https://d.adroll.com/cm/o/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=1d9f14ab0823b4b2f025f6431b52178e&gdpr=0&gdpr_consent=

Request Chain 260

https://d.adroll.com/cm/outbrain/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 261

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 262

https://d.adroll.com/cm/r/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 263

https://d.adroll.com/cm/taboola/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

Request Chain 264

https://d.adroll.com/cm/triplelift/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&dongle=c85e

Request Chain 265

https://d.adroll.com/cm/x/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&advertisable=2TG3XTR6EVDYDA5AVXLEFZ HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

332 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.wta.org/
Redirect Chain

http://wta.org/
https://www.wta.org/

93 KB
25 KB

846ms
667ms

Document
text/html

172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aa71fa843d78522ae75494b3f2237bf8e6bc121ff00278264480102b26ac655

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 1850
cache-control: max-age=0, s-maxage=3600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83a0852dfe1fa7ff-SYD
content-encoding: br
content-language: en-us
content-type: text/html;charset=utf-8
date: Sat, 23 Dec 2023 12:13:44 GMT
etag: W/"||14755037|en-us|WTA Theme|0|1702861601.38"
expires: Wed, 25 Dec 2013 11:42:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zR3ROWE5ovLc36Gq1drqdQWsHnrmgoqqJHjam3%2FE1eNXAD9i8unt%2F7OPuzjnm4tCyVH%2FBEjbpLDDqmT4bNn819bPT36KYnFL4ku%2BCwdr4T4N%2Fqn1Oy1f%2FpluTHb"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Anonymous
via: 1.1 varnish (Varnish/6.2)
x-cache-operation: plone.app.caching.moderateCaching
x-cache-rule: plone.content.itemView
x-frame-options: SAMEORIGIN
x-varnish: 551454296 551289486
x-varnish-cache: HIT

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 83a0852bbe55aad5-SYD
Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Sat, 23 Dec 2023 12:13:43 GMT
Location: https://www.wta.org/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKqnML%2BuL%2BgigSVqg89yV%2BZC2kkXnFzPsn04Ote1V%2FvlmYW%2FAgdyHJU3LMJ4rxpMvXBWrljbw0EOkSZD4bQnBAYat1Lz5AY9ebIi2MHcopQjgbTcxuY6aYs%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare

GET
H2 200 MyFontsWebfontsKit.css
www.wta.org/++theme++plonetheme.wta/ 1 KB
865 B 175ms
175ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++theme++plonetheme.wta/MyFontsWebfontsKit.css

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad813b781b5230610242f2c44a16f11b5cef83d9d64f48cce8ca9ad4143110f0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Wed, 28 Jul 2021 18:22:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oh4CueTsmQdP46%2BWVNFZLp6TNGR4sJbUwdfWKdnh8jaXpzrkWW3u4JwGc87RTWl5EvoVWC8mYean%2Fei1I39Uu6b3SphnB%2FabFsBgXZWbXR7vnYZejVQSSNX%2BgDZ%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 338400227 340918836
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a16a7ff-SYD
expires: Sat, 23 Dec 2023 23:02:02 GMT

GET
H2 200 wta.css
www.wta.org/++theme++plonetheme.wta/css/ 20 KB
5 KB 17ms
12ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++theme++plonetheme.wta/css/wta.css?v=12

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876c4a217781ebe705e4720e05b6bef97c06f6d47420d5ea9911a800b1c716ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40500
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Tue, 16 May 2023 21:23:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3I%2FGdP8%2BtFNkadmfFAESxyZoEzLLNT4Pw5fD%2Buc7stZ9fFQVhqeqQd7E6JyRz6bHZI5QGSzVq%2B1gnq9TNWU9Bfn0vyDXHvxsKbdMacv3v0D35IPglR7qcCTMsxyZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 481235110 468769350
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a17a7ff-SYD
expires: Sat, 23 Dec 2023 20:00:36 GMT

GET
H2 200 mbp.css
www.wta.org/++theme++plonetheme.wta/css/ 58 KB
12 KB 15ms
10ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++theme++plonetheme.wta/css/mbp.css?v=31

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60e360f2ae30944eadcd664e512517e4d8f25d96bb7583d71fd9e3a7aaaf502

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2284
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Wed, 10 May 2023 21:27:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4TUzSIH8JBOAEMsSctqgtIqdPM3hEGOPpUAyFdZNNvujm8i7FB0JEb7AkWpLU0nwdsML8cen67QtEsxvm0bDvmuGcJf6TKJ5V9CElZJtjPPbLwAVfSysDz29DRy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 471813433 470308187
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a18a7ff-SYD
expires: Sat, 23 Dec 2023 11:52:37 GMT

GET
H2 200 edit.css
www.wta.org/++theme++plonetheme.wta/css/ 5 KB
2 KB 177ms
172ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++theme++plonetheme.wta/css/edit.css?v=2

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ce1e14b246f40e57d889003c9693466af83100fb675b32259098ed57310102f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Wed, 28 Jul 2021 18:22:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2cHziQLurpMRE9PeND7Sguei7Xh0BcrtYrK0amousaPNA6S1BzYPrJ5EkqfRyvLdqrgZgwR5rJgUiwANLmhNx3uJNSoTpmtFw7KqmovnRFW0Atev2KGJp7nTncK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 469363039 472936120
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a1aa7ff-SYD
expires: Sat, 23 Dec 2023 20:08:08 GMT

GET
H2 200 maps-generic.css
www.wta.org/++theme++plonetheme.wta/css/ 10 KB
3 KB 18ms
14ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++theme++plonetheme.wta/css/maps-generic.css?v=10

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c0108cb1cfc2581cafa0adb68e67be1681494f3e0540549589e7d946fb2b4e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33125
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Wed, 10 May 2023 21:27:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bz8fopFG%2BOnDA9xOPlK%2BehEcRRGLXgqwHXsCZhiZB5CO%2BPpKpQsNmtKD4LHQeklyhoOdB7o9CJOp%2BA6%2B0OCCDRo3tk1174YEeZWsHs%2FhfXvY%2Fy8namsPZewE3BOn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 471563043
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a1ba7ff-SYD
expires: Sat, 23 Dec 2023 15:32:33 GMT

GET
H2 200 clicky-menus.js Show response
www.wta.org/++theme++plonetheme.wta/js/ 4 KB
2 KB 21ms
16ms Script
application/javascript 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++theme++plonetheme.wta/js/clicky-menus.js?v=1

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22036e31a0b49bdf19ac219cb142cb1b90a108f503295b4a0d08107e3d71bd1f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43662
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Tue, 25 Apr 2023 18:53:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LrwxDVEqOTDCFa5ub8QeUQjVJskMSIO%2FOEd26b7fJ7RJJYvA5AzfsTxrchfRJYVNR3j%2F%2BUvZ%2Bj3xy%2FDf6qHg75F6d5z8rXZPN0auTHHVVmY1WN7Q8xSIUxFs1zj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 480127446 476392546
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a25a7ff-SYD
expires: Sat, 23 Dec 2023 15:53:19 GMT

GET
H2 200 wta-toggle.js Show response
www.wta.org/++theme++plonetheme.wta/js/ 2 KB
994 B 19ms
14ms Script
application/javascript 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++theme++plonetheme.wta/js/wta-toggle.js?v=1

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9dee7d09b56edb1c5d6f0de505ad391a1527397dc3da0a56ba1cf3e4a4753e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31687
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Tue, 25 Apr 2023 18:53:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qpkvuv3cp9SE8MRpS7TrWE3lkC1CxB6vmCeauQF5S1x%2BBSp8%2BD3%2FUrOWlHOYRcdPp11DLJmO%2BvN%2BC1PbK%2BAwtmabDnBLCz32bCe7yanPFYh%2FrxT1JZsgDC1CkqQZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 477212924 480032574
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a26a7ff-SYD
expires: Sat, 23 Dec 2023 13:03:10 GMT

GET
H2 200 default.js Show response
www.wta.org/++plone++production/++unique++2023-12-17T17:06:47.615930/ 209 KB
61 KB 26ms
22ms Script
application/javascript 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wta.org/++plone++production/++unique++2023-12-17T17:06:47.615930/default.js
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ecdad05363499dc367d4c734a7002071d80074c1a221788b8480687664ba3cd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215117
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.stableResource
last-modified: Mon, 18 Dec 2023 01:06:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FPrH0kJBowcj1Xmx62PXpD73UFcZniAwF5pmuVnQ2QGH0h48%2FBZh%2BrHos8ShKou6twAhN5YEnwCCHuQrJ%2BJoj24bX5AJEpUbF7iGq6ceD2jwfAiaaiYuhYJOhGk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-varnish: 534775167
cache-control: public, max-age=31536000, proxy-revalidate
cf-ray: 83a085323a27a7ff-SYD
expires: Tue, 17 Dec 2024 01:06:55 GMT

GET
H2 200 plone-compiled.min.js Show response
www.wta.org/++plone++static/++unique++2021-07-28%2015%3A20%3A51.681626/ 394 KB
115 KB 29ms
25ms Script
application/javascript 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++plone++static/++unique++2021-07-28%2015%3A20%3A51.681626/plone-compiled.min.js

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14f783e8c24f58c753f06b9ced8f20119868c773e1c04a41e990ea8c856a551c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1655235
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.stableResource
last-modified: Wed, 28 Jul 2021 22:20:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVywYKa%2BSAPZX%2Fy0G0hSk2xA1DJOcKBBP%2Fm7DHV9F%2FN1Y%2FTEcbrBjnyzthNn9JL6mRmic0%2BlMdGhBnSd3WQf2zA%2B4%2Bz0D%2B2Rv25UxV5sZ8LYaqE8wj%2FB8kiX7A0V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 299568217 287903799
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a28a7ff-SYD
expires: Wed, 30 Oct 2024 09:38:44 GMT

GET
H2 200 wta-gallery-compiled.js Show response
www.wta.org/++plone++static/++unique++2023-12-17%2017%3A06%3A41.890685/ 600 B
681 B 20ms
17ms Script
application/javascript 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++plone++static/++unique++2023-12-17%2017%3A06%3A41.890685/wta-gallery-compiled.js

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ce55fc3ae7a6ccd97843e6391efe0788762f803b909eae3857c5ad0add10147

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471996
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.stableResource
last-modified: Mon, 18 Dec 2023 01:06:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDbVIY4%2FbqrgCHHa5Cfgt0J54l4G%2BU%2BTRcltLRwVM3MYv3K6soORuTxU1nXaLzWgKbBHhcSCjRjf2%2F8o7TSLBo3dnaPqwDwWdZVVR43AAg0y5O%2Bmh7KTDZOifuio"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-varnish: 527279196
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a29a7ff-SYD
expires: Tue, 17 Dec 2024 01:06:46 GMT

GET
H2 200 plone-legacy-compiled.js Show response
www.wta.org/++plone++static/++unique++2023-12-17%2017%3A06%3A40.505482/ 14 KB
4 KB 22ms
18ms Script
application/javascript 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++plone++static/++unique++2023-12-17%2017%3A06%3A40.505482/plone-legacy-compiled.js

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5777733076c24888e61874c49bab3d5652a936a8effc1a473afcfd7e1c8a18ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471997
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.stableResource
last-modified: Mon, 18 Dec 2023 01:06:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8yZO4xMModnZ98isGZBfLPzM73mnjkd3xDtUP8rrfee8ss8LJik8NH3e%2F3CP0MW6oJRCBClOhwHcaozc%2Ba%2F8eNXsIcFTbS3AY8HCAKLLBd41Rd4bo1GEe%2BqE2nu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-varnish: 530359792
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a2ba7ff-SYD
expires: Tue, 17 Dec 2024 01:06:46 GMT

GET
H2 200 patterns-compiled.min.js Show response
www.wta.org/++plone++patternslib/++unique++2021-07-28%2015%3A22%3A09.435547/ 299 KB
71 KB 36ms
33ms Script
application/javascript 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++plone++patternslib/++unique++2021-07-28%2015%3A22%3A09.435547/patterns-compiled.min.js

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecebf7a357ea3b5d0d1947729fe6789c7aafce5b9d73fb375b665db378021722

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215117
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.stableResource
last-modified: Wed, 28 Jul 2021 22:22:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCMgmFiAeKKQmzQtDHUr05%2BSOceU5bmj69SkT0Xst3msANee2%2FiUCM%2BBqVFnWl396WghgjG%2FF3qmDDpQ6YuwhB86J2z1Z21yv5gEWTZtAoyNP3QIbfai9pszBjvh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 343738817
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a2da7ff-SYD
expires: Fri, 08 Nov 2024 10:55:10 GMT

GET
H2 200 wta-content-resources.min.js Show response
www.wta.org/++resource++wta.content/ 84 KB
28 KB 23ms
20ms Script
application/javascript 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++resource++wta.content/wta-content-resources.min.js?version=2023-11-16%2013%3A23%3A41.851107

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a009f59a0def41582b5825a9e0947690fe91b64d45a7d2366cc5f2b7b644d8b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15996
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
server: cloudflare
etag: W/"1682471783.2-85919"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJnft8xA%2BY5a9HClZ9%2FIXMhKM4Wyt%2BH12cUeYVQfBq7X7q2z7K7RhnEgpA7DGCO%2BDvuUMJ6VanWxg%2BLZtnUMbcvRKT8IpKayMWkP9Q%2F9BMIv%2BVN3bwzwi%2BP8OSfs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 474436987 479574567
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a2ea7ff-SYD
expires: Sat, 23 Dec 2023 15:27:17 GMT

GET
H2 200 bundle-leaflet-compiled.min.js Show response
www.wta.org/++plone++patternslib/++unique++2021-07-28%2015%3A22%3A09.431547/ 216 KB
59 KB 32ms
29ms Script
application/javascript 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++plone++patternslib/++unique++2021-07-28%2015%3A22%3A09.431547/bundle-leaflet-compiled.min.js

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff2e98a7c4653bd9b2816611715b00e0898a83eececb6a1086e55ba164a67a32

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1655235
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.stableResource
last-modified: Wed, 28 Jul 2021 22:22:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uujETSH2Gyh2mUE0VJGVmEgKyPb%2Bqbiuw7LuV65QIWtmB%2Bg2T6GD82rzcYVH%2BPm4JrjJYPaVj02XeWZ11WSKAf2J3Sqnsx34aMnsxgIUS73ehDs9kGk3l%2FzzXoUO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 475364165 478156652
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a30a7ff-SYD
expires: Thu, 28 Nov 2024 07:20:54 GMT

GET
H2 200 default.css
www.wta.org/++plone++production/++unique++2023-12-17T17:06:47.615930/ 10 KB
2 KB 16ms
13ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++plone++production/++unique++2023-12-17T17:06:47.615930/default.css

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17e1ff4a17c992a7599a54a65e4da2e946241d19e0dac897c2f7eca59bcb2d17

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471997
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.stableResource
last-modified: Mon, 18 Dec 2023 01:06:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BimKWarlqrf%2FPVFbkTwbKgfvwf2b6SnL9%2FXb80kBA1wK7rWbABncIIMFsWCSkQ4MvoX154LT%2BIh4%2BgIoMEWXvFNyfP51tg%2FbYQrT1NfSj1%2BeyK0QY5R03wfyAi1"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-varnish: 521485615
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a1ca7ff-SYD
expires: Tue, 17 Dec 2024 01:06:55 GMT

GET
H2 200 plone-compiled.css
www.wta.org/++plone++static/++unique++2021-07-28%2015%3A20%3A51.681626/ 319 KB
108 KB 21ms
19ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++plone++static/++unique++2021-07-28%2015%3A20%3A51.681626/plone-compiled.css

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bee60fb3015667318ee5b27ba28e25b4c85f7f94b65800de7ef575ba2430e75f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1655234
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.stableResource
last-modified: Wed, 28 Jul 2021 22:20:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siB6LwzlzAKrLSCMyOqb6iGbhofRJQFxe0S5MyS4kF8j3KqNf0tuGTR%2B4jL7ZQzUEo%2BFsWBGice3SBOXrShGmP%2BghLt%2B2y%2F4uaRarz2lJXRhhz4nWNfcHtMzPShg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 479240591 480316409
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a1da7ff-SYD
expires: Wed, 27 Nov 2024 07:11:42 GMT

GET
H2 200 wta-gallery-compiled.css
www.wta.org/++plone++static/++unique++2023-12-17%2017%3A06%3A41.890685/ 127 B
470 B 13ms
11ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++plone++static/++unique++2023-12-17%2017%3A06%3A41.890685/wta-gallery-compiled.css

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577693837996a47ba6603819116fd8c1afd5a37615aa540393a7798c10bd46e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98233
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.stableResource
last-modified: Mon, 18 Dec 2023 01:06:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlajcG2RrlO2jOxcCXiEqKBrCCQKundskPx%2FBQEVP1s1cwjWURf5Ac6kqDJTHAFp7KOy6HzCA9ckYqAppvrCml7fR17BM2s4lh45UY6J8PZl08hvitn8BErOE5rR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-varnish: 521485588
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a1fa7ff-SYD
expires: Tue, 17 Dec 2024 01:06:46 GMT

GET
H2 200 plone-legacy-compiled.css
www.wta.org/++plone++static/++unique++2023-12-17%2017%3A06%3A40.505482/ 2 KB
900 B 14ms
12ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++plone++static/++unique++2023-12-17%2017%3A06%3A40.505482/plone-legacy-compiled.css

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081131a89925d539b45edffa1ec074277e34b942b89ebeaf69e8a4023e8ecc3a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471997
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.stableResource
last-modified: Mon, 18 Dec 2023 01:06:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzw9JF7IviRZiUXJMrRkbfzwh%2FD38gVdu8yOrFVuzAr6dtZnmRnR1ThxjEeb73CIcNNM4xbDQ2K87SzmOOinv03NAkUmR9AG3GnklbJhqOGMwsWTyqqcs3o%2FfimU"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-varnish: 521485585
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a20a7ff-SYD
expires: Tue, 17 Dec 2024 01:06:46 GMT

GET
H2 200 wta-content-resources.min.css
www.wta.org/++resource++wta.content/ 31 KB
12 KB 17ms
15ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++resource++wta.content/wta-content-resources.min.css?version=2023-11-16%2013%3A23%3A41.851107

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ee2c71c181165baf4d7fce979e38e70968ed6740545d4d36e6449ef67c831fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30404
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
server: cloudflare
etag: W/"1700169821.85-31739"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXywFL9LybeRviHbnTkiNLlg%2BvhIzxwP99KU8gOYUOVsv8SYE1ihHXM5oFCEPNvttYhIwT6rWTiywNRBIWrk01XY2%2FpPxEypfr8RMmbaLUXNnpodj4oC9ML2hHwG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-varnish: 362614521
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a21a7ff-SYD
expires: Sat, 23 Dec 2023 21:30:58 GMT

GET
H2 200 bundle-leaflet-compiled.css
www.wta.org/++plone++patternslib/++unique++2021-07-28%2015%3A22%3A09.431547/ 64 KB
22 KB 19ms
17ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++plone++patternslib/++unique++2021-07-28%2015%3A22%3A09.431547/bundle-leaflet-compiled.css

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50388efc56db6341f46befd807e9db078168296f7c1ffc551d442599f6742811

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1655235
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.stableResource
last-modified: Wed, 28 Jul 2021 22:22:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FGls1qr5q%2F8nwqtTwuiKEfLO1RJzpo3QpCQ5Zg11E0J%2B1xnNjPuHDVlUcsiisEIbm0l38UJ1PugXrkcQG%2F3nu9G1vVQfUmZQSj8gUYgLSKjZegI0k0puvDx%2BF4%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 342264010 341705865
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a23a7ff-SYD
expires: Thu, 07 Nov 2024 06:15:15 GMT

GET
H2 200 style.css
www.wta.org/++theme++plonetheme.wta/css/ 251 KB
32 KB 181ms
180ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++theme++plonetheme.wta/css/style.css?v=2023-10-26T15:38:16-0700

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a202af601d9d1d5ea13bb36f674cd4495361ab4f9800675a77a89934db4fc1f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Mon, 04 Dec 2023 17:58:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rzD7ekjAg%2BYeQNEKSb84gWpQ0rItbo5WcKBukQzkNwaK6WZSxd77cD6DUy8YXuOIJuPRGTnQe8KFIa%2Fyi%2Fhv2%2BOGtFX%2BBNeacg%2BTgVikf9y%2FAFdt8ck195YfRTB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 483291137
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a24a7ff-SYD
expires: Sat, 23 Dec 2023 18:18:20 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 34ms
5ms Script
text/javascript 23.38.129.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.38.129.67 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-38-129-67.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:45 GMT
server: Oracle API Gateway
opc-request-id: /7DA1AB0DE5A41A459460AF2C4B664A90/F6EBD77E5D1EF9A49B2C6278AA78E39C
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 svgfixer.js Show response
www.wta.org/++theme++plonetheme.wta/ 2 KB
1 KB 179ms
178ms Script
application/javascript 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++theme++plonetheme.wta/svgfixer.js?v=2

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

071f742f7dc8e2fb4b20987ac125790e37039b89ca33f8b9c6f20020d39eadc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Wed, 28 Jul 2021 18:22:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvDm%2F4GvyRjlVSeRQP1A6HJ3uan3%2Bygp6MImmIKP5HBRZgWMt0jmqK3qAtdGLc6%2BceSsC5NJb1pEsF02rdJb%2BxR3QVNawDLKQcMM0A%2Broie6s7Wr5QWfMeDW%2BMYt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 336522493 338340079
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085323a31a7ff-SYD
expires: Sun, 24 Dec 2023 10:42:20 GMT

GET
H2 200 wta-logo.png
www.wta.org/++theme++plonetheme.wta/images/ 52 KB
53 KB 17ms
13ms Image
image/png 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/++theme++plonetheme.wta/images/wta-logo.png

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c704a5f550b5b7e635525221d2406e42424c29e76719291456935c9d6a3cf6f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70586
x-cache-operation: plone.app.caching.strongCaching
content-length: 53294
x-cache-rule: plone.resource
last-modified: Wed, 28 Jul 2021 18:22:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZfGELOWCrvdBvmaeYCPEclxT83r4qfzs%2B%2BqvPRZul1Td209oHhoF4yXz2j5DPy6vNqdQZEz44u2jvqkMWMXzC5QwfWYaZ8CxT7FsjCjUIrrpwU1qhOCmPckKoCB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-varnish: 343313953 330880734
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 83a085326a4ca7ff-SYD
expires: Sat, 23 Dec 2023 15:29:12 GMT

GET
H2 200 map.svg
www.wta.org/++theme++plonetheme.wta/images/svg/ 3 KB
2 KB 175ms
171ms Image
image/svg+xml 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/++theme++plonetheme.wta/images/svg/map.svg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af14e90024b9e0691b0d3d088211acaa649d2c8c5f4e65c563c71d948906be5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Wed, 10 May 2023 21:27:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWKw4GwVJO5JeL%2B1WbdLAElCBSk5Y4GjRBRgLkN6P7Mdb%2FI1xV09Nkn0sSba965z9YuDYnC2xQzbwjna22jrcPQ81MAhqqw%2Ftn%2BoS0vVm40XVM%2FYggm2qPzQpTUD"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-varnish: 482056123 474535254
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085326a4da7ff-SYD
expires: Sat, 23 Dec 2023 20:14:12 GMT

GET
H2 200 9d27504b-f4ca-41cb-a48e-17470f5b06c1.jpeg
www.wta.org/news/magazine/features/rainier-prep-2023-1.jpg/@@images/ 130 KB
131 KB 238ms
237ms Image
image/jpeg 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/news/magazine/features/rainier-prep-2023-1.jpg/@@images/9d27504b-f4ca-41cb-a48e-17470f5b06c1.jpeg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0122f40abc44decd9f72a8e5b8735724aecb0c35d3f85da4e3ca2cda821f785

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
content-length: 133289
x-cache-rule: plone.stableResource
cf-bgj: h2pri
last-modified: Thu, 09 Nov 2023 15:31:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrckvlizLO0d1iNTXb3heRWFxIGC%2FiEfjGC8bCddsmIe0UXu%2Fg4NZKFLYE%2B%2FqW2C1jSyCXNJH3ss9gIHW11MFebouwEXapVw7iskgEHDxujZ%2BXEliy0vD6OUcEg5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 507933243
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 83a085328a6da7ff-SYD
expires: Fri, 13 Dec 2024 23:00:50 GMT

GET
H2 200 142a0801-55ee-474c-a22b-508114f32529.jpeg
www.wta.org/go-outside/seasonal-hikes/winter-destinations/photos/thunder-creek-by-trspanache.jpeg/@@images/ 61 KB
61 KB 173ms
172ms Image
image/jpeg 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/go-outside/seasonal-hikes/winter-destinations/photos/thunder-creek-by-trspanache.jpeg/@@images/142a0801-55ee-474c-a22b-508114f32529.jpeg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

031790ee39c8845e9f9f206d4e32fd9fb7bfbf6b71c8dee7bd70f8546997d907

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
content-length: 62253
x-cache-rule: plone.stableResource
cf-bgj: h2pri
last-modified: Tue, 24 Oct 2017 22:54:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AW7lHklke3RM8f2DzxVrpImQrJVKGH8kMI%2BvQmijRylk%2B%2BNM4TAyAeMWUGxgPrq%2BehDLT0R2TEjyqNFCNho7st2l5qZycv69NEFpyhltTg62mfZw%2B%2BzfvbbWhR%2Bw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 537668867
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 83a085337b49a7ff-SYD
expires: Wed, 18 Dec 2024 16:57:31 GMT

GET
H2 200 f5a2faf4-89ee-4784-83ff-694d19576f45.jpeg
www.wta.org/news/magazine/features/wta-crew-hikes-out-of-the-william-o-douglas-wilderness-at-the-end-of-a-project-in-september.jpeg/@@images/ 63 KB
64 KB 818ms
818ms Image
image/jpeg 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/news/magazine/features/wta-crew-hikes-out-of-the-william-o-douglas-wilderness-at-the-end-of-a-project-in-september.jpeg/@@images/f5a2faf4-89ee-4784-83ff-694d19576f45.jpeg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3da08c3dcadb5e8b90c703f2ca6289144b4fba54165393483b5ec77df5b32434

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
content-length: 64577
x-cache-rule: plone.stableResource
cf-bgj: h2pri
last-modified: Tue, 05 Dec 2023 00:49:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJkxZ7A3%2FUhL9wRzkbGEO%2BqwjVKXvK4dOi2pcNK8zf2J8ECL6vOQJpboesOo3ArxFldQYtkwMuPfbeLLfCbXxEcN%2BhGnHCXwY4BFanetAunICxKeCoc5F3xbJwU8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 540247366
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 83a085349bf4a7ff-SYD
expires: Wed, 18 Dec 2024 17:01:45 GMT

GET
H2 200 homepage-small
www.wta.org/news/signpost/a-huge-thank-you-to-our-community-from-wta2019s-outdoor-leadership-training-program/@@images/image/ 23 KB
23 KB 198ms
194ms Image
image/jpeg 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/news/signpost/a-huge-thank-you-to-our-community-from-wta2019s-outdoor-leadership-training-program/@@images/image/homepage-small

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07ab016acca5f456bcf8a01ce9d5db3f1d3db1e89c39b2ebbd995925fc2ffb8f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27611
x-cache-operation: plone.app.caching.moderateCaching
content-length: 23636
x-cache-rule: plone.content.file
last-modified: Thu, 21 Dec 2023 21:57:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjzuu40bl6mgXgmXJyjiZmEJ%2B%2BMNV1i3ztN%2BvB71PTF7oEpR%2BJ883uw0RC7o5xo%2Blz4wK2Amg%2BiNUs1uynP6MJgrIwYjJdU%2F%2B%2F0U9W3JbPFKynfZAk8VKS2CrUQg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 551289818 537160171
cache-control: max-age=0, s-maxage=86400, must-revalidate
accept-ranges: bytes
cf-ray: 83a08534cc19a7ff-SYD
expires: Wed, 25 Dec 2013 04:33:34 GMT

GET
H2 200 homepage-small
www.wta.org/news/signpost/hiker-headlines-winter-solstice-first-day-hikes-echo-ridge-ski-area-opening-12-21-23/@@images/image/ 21 KB
21 KB 195ms
191ms Image
image/jpeg 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/news/signpost/hiker-headlines-winter-solstice-first-day-hikes-echo-ridge-ski-area-opening-12-21-23/@@images/image/homepage-small

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8168ac91e02a5b59b96cc1bd5c054bc3f0dd7be64b3dc5d061a75fecb0358677

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27611
x-cache-operation: plone.app.caching.moderateCaching
content-length: 21070
x-cache-rule: plone.content.file
last-modified: Fri, 22 Dec 2023 16:11:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2ZCWWG3iObxsEiTFsAH9Lxq0N%2Bo9dQFaZnOn0wnwFr%2BvUFDJJduc3I6LwicvKXjLhNOyiVobAP2r%2FkAcyJmD5832btcyYztnMwpzB1reFl4IJGdeo0HNUMsbj7Q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 547226319 540602294
cache-control: max-age=0, s-maxage=86400, must-revalidate
accept-ranges: bytes
cf-ray: 83a08534cc1aa7ff-SYD
expires: Wed, 25 Dec 2013 04:33:34 GMT

GET
H2 200 homepage-small
www.wta.org/news/signpost/clearing-trails-and-our-story-queue-6-stories-we-missed/@@images/image/ 33 KB
33 KB 191ms
187ms Image
image/jpeg 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/news/signpost/clearing-trails-and-our-story-queue-6-stories-we-missed/@@images/image/homepage-small

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c5e7122f75708c26557ddae5040e01775144a018eea937a98ee7bcb4cba7a82

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27611
x-cache-operation: plone.app.caching.moderateCaching
content-length: 33373
x-cache-rule: plone.content.file
last-modified: Thu, 21 Dec 2023 17:25:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXqwJr56Qcj0HTAT60mtlMGCUmbumOHa9tSslP%2BDLC3xZUqAR7hrprYzons0g1sLloVoDu8jUxiFAjKQbwTa9OGW2d13bUYLoVJmWEywKlI0q8OSpFgtsbiC4WGU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 546997814 540602297
cache-control: max-age=0, s-maxage=86400, must-revalidate
accept-ranges: bytes
cf-ray: 83a08534cc1ca7ff-SYD
expires: Wed, 25 Dec 2013 04:33:34 GMT

GET
H2 200 dcf6e490-b8c0-4efb-b03d-2f7fefab80f6.jpeg
www.wta.org/news/signpost/img_4441.jpg/@@images/ 11 KB
12 KB 183ms
179ms Image
image/jpeg 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/news/signpost/img_4441.jpg/@@images/dcf6e490-b8c0-4efb-b03d-2f7fefab80f6.jpeg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a56405c22a109163088824ad44ce36c088b209c8c8b8b5f4626107f42791fca6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
content-length: 11582
x-cache-rule: plone.stableResource
cf-bgj: h2pri
last-modified: Mon, 27 Nov 2023 17:07:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0SNoRJJqNwi%2BDYpa%2FbygAhmk%2FqB0E1zHWFGkM3FSmm0XWIvQQg5bhwr9V%2F8O6OD5dy7Q2Hvloyq0VxD5XRJUpg93MRwIXMfOMPWhAT%2FDKDxu7KOTLBXNMs8DTqi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 512279381
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 83a08534cc1fa7ff-SYD
expires: Tue, 10 Dec 2024 19:02:00 GMT

GET
H2 200 46f51689-e4aa-407b-b6a8-fabc1dbd8052.jpeg
www.wta.org/site_images/trip-reports/2023/tripreport-image-2023-12-11-7355245381/@@images/ 214 KB
215 KB 180ms
177ms Image
image/jpeg 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/site_images/trip-reports/2023/tripreport-image-2023-12-11-7355245381/@@images/46f51689-e4aa-407b-b6a8-fabc1dbd8052.jpeg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bec1d9feff1a1a3e6ae47f0e4aee818737d0527d8909efc6691b3c234ead0f7f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
content-length: 219541
x-cache-rule: plone.stableResource
cf-bgj: h2pri
last-modified: Tue, 12 Dec 2023 05:35:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzhtSrs0sqKmksCBIoaCqwaDs9u63vFBHPQoFmYYKhZbXB89pKTkskXXQhqhqbQvV0qZHpWOzLHLh%2FnKwx5OQHpP3ueMcDboOtzlyjaxqFjbVcQqmOew9mSgVeQn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 540590252
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 83a08534cc20a7ff-SYD
expires: Thu, 19 Dec 2024 19:04:09 GMT

GET
H2 200 neal-logo.svg
www.wta.org/++theme++plonetheme.wta/images/svg/ 21 KB
6 KB 13ms
10ms Image
image/svg+xml 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/++theme++plonetheme.wta/images/svg/neal-logo.svg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6434edb4f18fe3c0eab85cd7f157099c20eacce8a4a6683737d79324281d2ade

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70586
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Wed, 28 Jul 2021 18:22:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9KjdDZeZOEAFzctB3qHYXotf0GHi0btwP2Ycb5rR2XN7zeUsB0OeIpNBgGMk67AENznaMhCkPQTKobwOnA1o0xo5HI33PO7uAt8yW%2F46QshKK%2B6K6lxpIB4Siyt"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-varnish: 477351919 480455272
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a08534cc21a7ff-SYD
expires: Sat, 23 Dec 2023 15:03:25 GMT

GET
H2 200 normalize.css
www.wta.org/++theme++plonetheme.wta/css/ 7 KB
2 KB 18ms
14ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++theme++plonetheme.wta/css/normalize.css?v=8.0.1

Requested by

Host: www.wta.org
URL: https://www.wta.org/++theme++plonetheme.wta/css/mbp.css?v=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

650c5dc4948895263faac430089cc0b9c05cf5704babb357d11eb86cf7d92baa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/++theme++plonetheme.wta/css/mbp.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33825
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Thu, 06 Apr 2023 20:47:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7qORvIRNrUuW4S0ax%2BdzPKpkiEcCjb%2BvS40ilsTQbKRAJzUDP1ON%2Bl7hTHE9YTdHVzI62K1bju8f%2F1vxbZ%2F47qnnrGgwf0qUoKIqfTgrnPeXtCV53yUNFEp92Va"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 479858505 477971856
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085326a4ea7ff-SYD
expires: Sat, 23 Dec 2023 11:09:47 GMT

GET
H2 200 mbp-fontello.css
www.wta.org/++theme++plonetheme.wta/css/ 6 KB
2 KB 18ms
15ms Stylesheet
text/css 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++theme++plonetheme.wta/css/mbp-fontello.css?v=2

Requested by

Host: www.wta.org
URL: https://www.wta.org/++theme++plonetheme.wta/css/mbp.css?v=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e76357bae04c43badd4aa5bf3183e3257962b3bdab5333f98685b215a3ea7ab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/++theme++plonetheme.wta/css/mbp.css?v=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:44 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37458
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Wed, 28 Jul 2021 18:22:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCfmhUpOuGB5KmIbV5H%2BI3ikigteo%2BEQRsLb3wcW%2F5ZUUyXXLYN%2F8A17f%2FAzsFfn5DHsRfElvbdklwklLClfVFDAygO3s5f8P6W%2BLXTSd6pBskqQVjSOpaEtqOl3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 379431264
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085326a4fa7ff-SYD
expires: Sat, 23 Dec 2023 13:49:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 305 KB
95 KB 540ms
139ms Script
application/javascript 172.217.167.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PB9K2Z

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

02de12ee9ccd88f2bfd77f465570484f9b64a9dfa8a4478e7b8fb924d61d72c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97136
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 12:13:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
964 B 196ms
96ms Stylesheet
text/css 142.250.67.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: www.wta.org
URL: https://www.wta.org/++theme++plonetheme.wta/css/style.css?v=2023-10-26T15:38:16-0700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f10.1e100.net

Software

ESF /

Resource Hash

17317b7dc349951f32e31ca33e49a7405e1e60384485da472aab5225c4ccf1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 12:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 10:16:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 12:13:45 GMT

GET
H2 200 plonejsi18n Show response
www.wta.org/ 464 B
610 B 190ms
189ms XHR
application/json 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/plonejsi18n?domain=widgets&language=en

Requested by

Host: www.wta.org
URL: https://www.wta.org/++plone++production/++unique++2023-12-17T17:06:47.615930/default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

209a98afb3dd3602c0376871569d7a7d2d1ba1b5df5c86a58a10bc7ae0f86783

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.wta.org/
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkX3cpP8TpxpmFTq8mv0Pwv6EWdVtbKCVbdO934yyIgHH7%2F0KyDEmhFvIsEst2rsX3e1l%2BPaigPaKEhWVyQzmcnUloI7zzqp5u6D17iTjCg70OouIbN8PpU%2FBEnr"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
x-varnish: 546997811
cf-ray: 83a085339b57a7ff-SYD

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 310ms
2ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

0c6cf7bced8d3a20fb0d65244850d4da39b61791ab8d3fc85814e5be073154e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:45 GMT
content-md5: B+4JGi3PQAQ0/TlYiNwagg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: sd7wPbKLCD1pvIEBVlvDSNUnpMEP6jhMMPIcLp1GOKepSI566K/lgN/FUiTpguqYV150F46PRL7xkfAh6NJNNQ==
x-fb-content-md5: d86aa79a25b455e8b956fffcbc46cad2
cross-origin-opener-policy: same-origin-allow-popups
etag: "e8025d4725cdab549bea0069248eb580"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 23 Dec 2023 12:14:58 GMT

GET
H2 200 embedded-giving.js Show response
sdk.classy.org/ 42 KB
11 KB 360ms
40ms Script
text/javascript 104.18.197.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.classy.org/embedded-giving.js

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.197.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb5fce47dee3bb80729eb88ba515fcd5a2a13be169febe8f0ab14cfffdcdab4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 736
x-amz-request-id: RZRDEC0YXR78ZGFX
x-amz-server-side-encryption: AES256
x-amz-id-2: kzkMXnjd0RQdF5aBHoZN0eNPo8a1wtISHZ/ix69SdQZy1/SR1c+FsvBeQBZDZBTz9lwCrVW1nK8=
last-modified: Tue, 19 Dec 2023 19:04:26 GMT
cf-bgj: minify
server: cloudflare
etag: W/"b951865abe3fe020f6d8fd7f92567eb0"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60, s-maxage=900, stale-while-revalidate=60
cf-ray: 83a08536cdd95d36-SYD

GET
H2 200 white-arrow-down.svg
www.wta.org/++theme++plonetheme.wta/images/svg/ 930 B
860 B 170ms
169ms Image
image/svg+xml 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/++theme++plonetheme.wta/images/svg/white-arrow-down.svg

Requested by

Host: www.wta.org
URL: https://www.wta.org/++theme++plonetheme.wta/css/style.css?v=2023-10-26T15:38:16-0700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cecd4957b55ef192314ac269ba6bb654b79204ce9b943ab9ddb5fa523e58b110

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/++theme++plonetheme.wta/css/style.css?v=2023-10-26T15:38:16-0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Wed, 28 Jul 2021 18:22:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htOP3xX0%2F%2BwHQ%2Bc4Rq08m4JQlMj%2B1krihQ180KgXKI47TZ8iAK7z4Q%2BVDZpEMxb%2F4kX6DIljyiz7ny23xUSSSF%2FBi9TG9NOKxBxgXt8zPvahKeg%2Fyhbq7Azn0jLW"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-varnish: 468637904 468798483
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a08534cc26a7ff-SYD
expires: Sat, 23 Dec 2023 19:01:22 GMT

GET
H2 200 arrow-down.svg
www.wta.org/++theme++plonetheme.wta/images/svg/ 1 KB
908 B 635ms
635ms Image
image/svg+xml 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/++theme++plonetheme.wta/images/svg/arrow-down.svg

Requested by

Host: www.wta.org
URL: https://www.wta.org/++theme++plonetheme.wta/css/style.css?v=2023-10-26T15:38:16-0700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccb94dc6dbcbffac37718cc3f5c3d41443dbdb2890b5cd36b9ccb14ab3819ba0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/++theme++plonetheme.wta/css/style.css?v=2023-10-26T15:38:16-0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Wed, 28 Jul 2021 18:22:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AROQKEZ%2Facqp3BQCgadv32%2FMxMCWqH4OrazWeZiM1FUsLZ6jSJYSdbu74lIsUfGvZehSvlQPjHhUiGQdT7YKTPTl5iMD%2BHophky5zopKnrEVZmZMnpIHm%2B5Xc5aQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-varnish: 483394183 480299466
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a08534cc29a7ff-SYD
expires: Sat, 23 Dec 2023 14:18:48 GMT

GET
H2 200 defaultUser.png
www.wta.org/++theme++plonetheme.wta/images/ 10 KB
11 KB 170ms
169ms Image
image/png 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/++theme++plonetheme.wta/images/defaultUser.png

Requested by

Host: www.wta.org
URL: https://www.wta.org/++theme++plonetheme.wta/css/style.css?v=2023-10-26T15:38:16-0700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f3b4cad9d21ea0ed94bf0697382a54c4cf76d74bea3525770c3bc28ed3ddcd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/++theme++plonetheme.wta/css/style.css?v=2023-10-26T15:38:16-0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
content-length: 10485
x-cache-rule: plone.resource
last-modified: Tue, 25 Apr 2023 18:53:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJhc1d2sJRMjzNdXbeb9S1mdJ9y7k3sk3gnbyVF%2BACHKxoRHHTpORz3MWT6UXG1r%2B7A6%2BLCJe6ya76wXIYWO%2FtRVvwLIo1JqsLfFjUYGtEzWij3FNaYYWO9Cyg55"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-varnish: 482912875 480556063
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 83a08534cc2aa7ff-SYD
expires: Sun, 24 Dec 2023 10:38:38 GMT

GET
H2 200 bffe886c-d35e-4de4-9e5e-c45d85289a4d.jpeg
www.wta.org/wta-home/@@images/ 64 KB
64 KB 186ms
185ms Image
image/jpeg 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/wta-home/@@images/bffe886c-d35e-4de4-9e5e-c45d85289a4d.jpeg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

872a3f7495d8b37d919bc39cc662d09e28f764ebea0e04d29baec33b6b1b4ac3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
content-length: 65048
x-cache-rule: plone.stableResource
cf-bgj: h2pri
last-modified: Tue, 19 Dec 2023 16:55:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFL1fnPih1k6UpXkCqYFZl%2FlrM6MGScuiuWpCAEso3Zp2n3EHoname8Yc8aKLM61JVenzt051NOGTMPL7k2t2oGotmeygJt%2BSGqybUD5DRoEqWgP%2Bqnqps4%2FRbqM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 539168516
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 83a08534dc2ba7ff-SYD
expires: Wed, 18 Dec 2024 17:02:27 GMT

GET
H2 200 22034A_0_0.woff
www.wta.org/++theme++plonetheme.wta/webfonts/ 51 KB
52 KB 12ms
10ms Font
application/x-font-woff 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++theme++plonetheme.wta/webfonts/22034A_0_0.woff

Requested by

Host: www.wta.org
URL: https://www.wta.org/++theme++plonetheme.wta/MyFontsWebfontsKit.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

887944d19b85a9c09bb0ca755359ab357fda63819374562d94939c062a44d09f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wta.org/++theme++plonetheme.wta/MyFontsWebfontsKit.css
Origin: https://www.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34544
x-cache-operation: plone.app.caching.strongCaching
content-length: 52679
x-cache-rule: plone.resource
last-modified: Wed, 28 Jul 2021 18:22:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qX%2FaugyWHSZHoGT1nLauxXTnNpmbaSzula2YKTP6gh7wRFlZwCQ1iMXTjlsB6StR3kI0DAVBG%2B47caIEdLeKULyzzB4iVRihL%2FaTvAP8N%2BKcJusrVnruyTel2X%2BL"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
x-varnish: 481874228 482912830
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 83a08534dc34a7ff-SYD
expires: Sat, 23 Dec 2023 12:13:31 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
13 KB 403ms
2ms Font
font/woff2 142.250.66.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:35:37 GMT
x-content-type-options: nosniff
age: 311888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12276
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 21:35:37 GMT

GET
H2 200 2925EE_0_0.woff
www.wta.org/++theme++plonetheme.wta/webfonts/ 53 KB
53 KB 177ms
177ms Font
application/x-font-woff 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++theme++plonetheme.wta/webfonts/2925EE_0_0.woff

Requested by

Host: www.wta.org
URL: https://www.wta.org/++theme++plonetheme.wta/MyFontsWebfontsKit.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ab04b60b674a11c7e65e398fe809e954e47f3b78a6936af8fe306a0015466ff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wta.org/++theme++plonetheme.wta/MyFontsWebfontsKit.css
Origin: https://www.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
content-length: 54236
x-cache-rule: plone.resource
last-modified: Wed, 28 Jul 2021 18:22:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n18rKQSKzb1dJfunZdfRFXePlGVepwe9ZZLiS94OSfxya2K53%2BLgcfqR8Dr33SyLIo73fD4GPuemJiO%2F%2B8edp1BRCHWXka6Vm9244l4PWQBigl7GdtqOPsPcP%2FX5"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
x-varnish: 302514324 299532728
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 83a08534dc35a7ff-SYD
expires: Sat, 23 Dec 2023 21:22:26 GMT

GET
H2 200 jquery.cookie.js Show response
www.wta.org/++plone++static/components/jquery.cookie/ 3 KB
2 KB 173ms
172ms Script
application/javascript 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/++plone++static/components/jquery.cookie/jquery.cookie.js

Requested by

Host: www.wta.org
URL: https://www.wta.org/++plone++production/++unique++2023-12-17T17:06:47.615930/default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:45 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
x-cache-rule: plone.resource
last-modified: Wed, 28 Jul 2021 22:20:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bx9Y%2FZSpHpTPavljwivjMRNhIUh8JpG4cvI1hpSerkqdy4Xgu4NogPV6FQylOsVB%2FLCngkrJAZZ37bd49b6%2BobzrXJNjY90ndV4jS%2BdSE%2F2T9Em7MtmzxGAfvIic"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 535696868
cache-control: public, max-age=86400, proxy-revalidate
vary: Accept-Encoding
cf-ray: 83a085356c8fa7ff-SYD
expires: Sun, 24 Dec 2023 04:02:42 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
87 KB 258ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=473c7b17b0bffda286a6e3f263ee1cc5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

c5c9a7215839dc7f5c3a42ac6dafce8474022ec9c85319ec6fce8186dfeab272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.wta.org/
Origin: https://www.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:45 GMT
content-md5: 4uNLtyguosjD+jpQ1G1P6Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88317
reporting-endpoints
x-fb-debug: F5zEb8augNkQhS3/G2sGuCAQlifP05pP90+0fbqKAolVEr2S1ABkIcaEwX8RiPTVekYf+jvzP36ueP7ITNTxUw==
x-fb-content-md5: 4be90147f0cc112bd843657ace76e0fd
cross-origin-opener-policy: same-origin-allow-popups
etag: "1ef463f700fc16348f4eabed182f573b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 22 Dec 2024 11:23:24 GMT

GET
H2 200 / Show response
give.wta.org/give/484340/ Frame 2664 103 KB
31 KB 1824ms
1498ms Document
text/html 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.wta.org/give/484340/

Requested by

Host: sdk.classy.org
URL: https://sdk.classy.org/embedded-giving.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f6ee7bfb3fd27ec5bd3805a584f365b34aacf0a1cbee38608a8aab79451e57e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://wta.org https://staging.wta.org https://www.wta.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wta.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 83a085392c785d2c-SYD
content-encoding: br
content-security-policy: frame-ancestors 'self' https://wta.org https://staging.wta.org https://www.wta.org;
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 12:13:47 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
92 KB 121ms
120ms Script
application/javascript 172.217.167.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X2896S29J5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PB9K2Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

059322278854496c0f978ec03eecc022f34e8eb31ae170b3f4ccb6d3a21aae14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93697
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 12:13:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 402ms
2ms Script
text/javascript 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PB9K2Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 11:52:41 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1265
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 23 Dec 2023 13:52:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/881910575/ 3 KB
2 KB 510ms
105ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/881910575/?random=1703333625964&cv=11&fst=1703333625964&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72062968&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wta.org%2F&hn=www.googleadservices.com&frm=0&tiba=Washington%20Trails%20Association&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PB9K2Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

3d5dd28f88624d62a2f603f25a049da09e3ac24cc280d78b05f0cebd0b4bd42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1235
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 77 KB
24 KB 327ms
4ms Script
text/javascript 18.67.93.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PB9K2Z
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-14.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd133f65e4b01d44b31ed450c2ded840f5a6074797571452aa74bf965b00e0f2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: mwpgId4D.xsRaz2Lp3akH7EyTXFzbDSi
Content-Encoding: gzip
Via: 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront)
Date: Sat, 23 Dec 2023 12:04:31 GMT
Age: 556
X-Amz-Cf-Pop: SYD62-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 20 Dec 2023 19:07:27 GMT
Server: AmazonS3
Etag: W/"577e468d019c21bc05275d07caaff423"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: _6Vkd9Qog8CKUNXQ9SZ-VZ2Al-zRGsjtOWECFolGQGbCAFmUW5qOow==

GET
H2 200 6935.js Show response
script.crazyegg.com/pages/scripts/0090/ 6 KB
2 KB 371ms
11ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0090/6935.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PB9K2Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7438e048dc7be6775abfd013639ddf9910583e02a6a322aad4248fb0f05bb714

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 10892
cf-polished: origSize=6112
ce-version: 11.5.164
cf-bgj: minify
last-modified: Sat, 23 Dec 2023 09:12:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 83a0853c9f5f573e-SYD

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 4ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 23 Dec 2023 12:13:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: QJWg7Cyk68kSvH9F/Bjj9NOPn469CUj/9VlLCnp9KCPE9szGZVJ6FUBeJiYYGkCjT4plxAYbu3JrutN/L/aVrw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 6ms
6ms Script
text/javascript 23.38.129.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PB9K2Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.38.129.67 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-38-129-67.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:45 GMT
server: Oracle API Gateway
opc-request-id: /7DA1AB0DE5A41A459460AF2C4B664A90/F6EBD77E5D1EF9A49B2C6278AA78E39C
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 1556220604666536 Show response
connect.facebook.net/signals/config/ 143 KB
36 KB 435ms
434ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1556220604666536?v=2.9.138&r=stable&domain=www.wta.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

2d066e10f43fa3becd5b621641887bf41b6ddddb91b25cf1169f3cd46a5db5be

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 23 Dec 2023 12:13:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: +nWOjM4xjomq3JmQ8t+yn86NSY4fJ6Tt+HlQliqx3NYvwhz6rPCDdHghBab1V9x6NAifSBAaPcwZPJOOuk8tBw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
252 B 497ms
98ms Ping
text/plain 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-X2896S29J5&gtm=45je3bt0v868594482z872062968&_p=1703333624848&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=130673013.1703333626&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1703333626&sct=1&seg=0&dl=https%3A%2F%2Fwww.wta.org%2F&dt=Washington%20Trails%20Association&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2648
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2896S29J5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wta.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 586ms
95ms Ping
text/plain 142.251.175.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X2896S29J5&cid=130673013.1703333626&gtm=45je3bt0v868594482z872062968&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X2896S29J5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wta.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
408 B 503ms
102ms Image
image/gif 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X2896S29J5&cid=130673013.1703333626&gtm=45je3bt0v868594482z872062968&aip=1&dma=0&gcd=11l1l1l1l1&z=1799755937

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
733 B

5ms
3ms

Script
application/javascript

18.67.93.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: HTTP/1.1
Server: 18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-14.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 05:39:18 GMT
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront)
Age: 23669
X-Amz-Cf-Pop: SYD62-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: i4VV8kX3OoL-uuROzlIFBZAt7_-Qs289htAJYUHH04g9Vrx4pA3obw==

Redirect headers

Date: Sat, 23 Dec 2023 09:12:12 GMT
Via: 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront)
Age: 10892
X-Amz-Cf-Pop: SYD62-P1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: XKzb-QMMgpGDs_Z2m-X9PuRZXWT0tuvznuMLEelIW_k-d14eZSscPg==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/ 0
808 B 11ms
4ms Script
text/javascript 18.67.93.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-14.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: NzfXy51OOlu.bIADsXHu2.Z8BcgLt03j
Date: Sat, 23 Dec 2023 11:59:26 GMT
Via: 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront)
Age: 861
X-Amz-Cf-Pop: SYD62-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Fri, 22 Dec 2023 18:33:36 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 7zngw2WNAr8sWVUdhbb7t2nFDbF2RWhGKTIW-wbiFNulGGqDgDJZRQ==

GET
H2 200 www.wta.org.json Show response
script.crazyegg.com/pages/data-scripts/0090/6935/site/ 21 KB
4 KB 318ms
11ms XHR
application/json 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0090/6935/site/www.wta.org.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0090/6935.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e827ddef441f784d0a70b9e2d3c880102a643de0dd2ebb2c4d39d1964ae0ff3d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 14196
ce-version: 11.5.164
content-length: 3854
last-modified: Sat, 23 Dec 2023 08:17:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a0853e9ab16a6c-SYD

GET
H2 200 embedded Show response
www.wta.org/portlets/winter-appeal-2023/ 2 KB
994 B 657ms
656ms XHR
text/html 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wta.org/portlets/winter-appeal-2023/embedded?_=1703333624854

Requested by

Host: www.wta.org
URL: https://www.wta.org/++plone++production/++unique++2023-12-17T17:06:47.615930/default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64466f9cd697f341ccd4e774b5f839b49bc262960391a617e228da456f3bdcfd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.wta.org/
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:47 GMT
via: 1.1 varnish (Varnish/6.2)
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6xEBecbnawJ0%2FF43lq7ZZ1q9dcXFtU5j2QK0QgzbxIm4vTyFu1bg4tnFIgvW7klNrBC9KyLmyjw3KjyayY8dm7zK8dtzTGARL5k78Xc0L4S%2B5BKzZlT%2FxkZTJos"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
x-varnish: 547226324
cf-ray: 83a0853cd9e9a7ff-SYD

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 99ms
98ms XHR
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1402793917&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wta.org%2F&ul=en-us&de=UTF-8&dt=Washington%20Trails%20Association&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=940274599&gjid=855069618&cid=130673013.1703333626&tid=UA-2999782-1&_gid=1015370408.1703333626&_r=1&_slc=1&gtm=45He3bt0n71PB9K2Zv72062968&cd2=&cd4=&cd5=&cd6=&cd8=&cd10=&cd11=&cd12=&cd13=&gcd=11l1l1l1l1&dma=0&z=982495639

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wta.org/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wta.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2TG3XTR6EVDYDA5AVXLEFZ Show response
d.adroll.com/consent/check/ 509 B
994 B 838ms
175ms Script
application/javascript 18.136.156.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2TG3XTR6EVDYDA5AVXLEFZ?pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&_s=100c84f89d0fd05a284eae409ab086a6&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.136.156.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-156-172.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 90821453245b09d8b8a5a6ca943999a2fbd063868f6acacc73f511b625c81b7c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:47 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 509
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 310ms
3ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1556220604666536&ev=PageView&dl=https%3A%2F%2Fwww.wta.org%2F&rl=&if=false&ts=1703333626493&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703333626490.572669952&cs_est=true&ler=empty&it=1703333626002&coo=false&rqm=GET

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 23 Dec 2023 12:13:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
155 B 356ms
96ms XHR
text/plain 142.251.175.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2999782-1&cid=130673013.1703333626&jid=940274599&gjid=855069618&_gid=1015370408.1703333626&_u=YADAAAAAAAAAAC~&z=1014621805

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wta.org/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 23 Dec 2023 12:13:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wta.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/881910575/ 42 B
154 B 505ms
104ms Image
image/gif 142.250.71.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/881910575/?random=1703333625964&cv=11&fst=1703332800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72062968&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wta.org%2F&frm=0&tiba=Washington%20Trails%20Association&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_qojvdoPiprKSgGzsu3Hydl_13-uzFA&random=317765600&rmt_tld=0&ipr=y

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.68 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/881910575/ 42 B
154 B 272ms
103ms Image
image/gif 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/881910575/?random=1703333625964&cv=11&fst=1703332800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72062968&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wta.org%2F&frm=0&tiba=Washington%20Trails%20Association&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_qojvdoPiprKSgGzsu3Hydl_13-uzFA&random=317765600&rmt_tld=1&ipr=y

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 470d23904020258879cef09100c24692.js Show response
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 138 KB
46 KB 10ms
9ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/470d23904020258879cef09100c24692.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0090/6935.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098d0c70f5c83c0b2b02a8b518ebd62560ec999794b3112f79725f193783bba3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 07:22:35 GMT
server: cloudflare
age: 87758
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a0853ea936573e-SYD
content-length: 46668

GET
H2 200 www.wta.org.json Show response
script.crazyegg.com/pages/data-scripts/0090/6935/sampling/ 152 B
237 B 252ms
251ms XHR
application/json 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0090/6935/sampling/www.wta.org.json?t=473148
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/470d23904020258879cef09100c24692.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3268809ba48a7c060b0f6b57cc9241cc34f534635edd0eb3e28dd1ff9111f0ee

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 23 Dec 2023 12:13:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.164
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a0853edadb6a6c-SYD
content-length: 144

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 148ms
103ms Image
image/gif 142.250.71.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2999782-1&cid=130673013.1703333626&jid=940274599&_u=YADAAAAAAAAAAC~&z=1638576862

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.68 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
107 B 106ms
105ms Image
image/gif 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2999782-1&cid=130673013.1703333626&jid=940274599&_u=YADAAAAAAAAAAC~&z=1638576862

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
468 B 796ms
261ms XHR
application/json 54.192.150.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/470d23904020258879cef09100c24692.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-73.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 23:27:18 GMT
via: 1.1 c76b6f80cec204bcd24e411dd51125fc.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
age: 6612389
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: hAnmV39041-iM3p-VLQ4usuXRHdhfTpw5Vu2QQZNPNYJbjWw0J8PQg==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
471 B 791ms
261ms XHR
application/json 13.227.254.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/470d23904020258879cef09100c24692.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-86.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:50:31 GMT
via: 1.1 3c724fc8704aec61a7bab068ccd978fe.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 7579397
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: 37523Rfm6hLqdiL95CE04MqUZPItHPMgjbw0P-EsK07CWtOGdUdOBQ==

GET
BLOB 200
OK d792f038-4d4a-432c-8224-91697572b858
https://www.wta.org/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.wta.org/d792f038-4d4a-432c-8224-91697572b858
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H2 200 0b5777a7-8072-4e07-9410-cf196fadd93c.png
www.wta.org/portlets/banner-graphics/23-winter-appeal-popup35.png/@@images/ 534 KB
535 KB 172ms
170ms Image
image/png 172.67.71.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wta.org/portlets/banner-graphics/23-winter-appeal-popup35.png/@@images/0b5777a7-8072-4e07-9410-cf196fadd93c.png

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c786141190cfa1b104ab04be227ae6b56595d505a36b5749ee03f3047ae4b42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sat, 23 Dec 2023 12:13:47 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-operation: plone.app.caching.strongCaching
content-length: 546682
x-cache-rule: plone.stableResource
last-modified: Wed, 20 Dec 2023 22:07:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FdrS763%2BN0t1QbERYOV2PS8MhEUhAF6DnV%2F6Egq7eaZMRxZDwTerlYekA63LvM1jlDrH%2BNxtSzhpLLrLTWsxDK7JxDp3bfWsJnQVOe3atDYGQPNsscyk1x4xzli"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-varnish: 542153862
cache-control: public, max-age=31536000, proxy-revalidate
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 83a085411ce3a7ff-SYD
expires: Thu, 19 Dec 2024 22:15:40 GMT

GET
H/1.1

200
OK

I5T3ZRQJSJBB5CDQLBSTMS.js Show response
s.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/
Redirect Chain

https://d.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&cookie=&a...
https://s.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/I5T3ZRQJSJBB5CDQLBSTMS.js

3 KB
2 KB

579ms
579ms

Script
text/javascript

18.67.93.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/I5T3ZRQJSJBB5CDQLBSTMS.js
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: HTTP/1.1
Server: 18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-14.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6387f0117d25827d43301b00a292c6ab26d0deca579415e512e57952eb16d03c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: pLA7LAuziTJLfZcq4MoqNrCsK_qQpByn
Content-Encoding: gzip
Via: 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront)
Date: Sat, 23 Dec 2023 12:13:48 GMT
X-Amz-Cf-Pop: SYD62-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 21 Dec 2023 11:01:41 GMT
Server: AmazonS3
Etag: W/"db55f43110200a0d19bb857f9ea431e0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 3DUbjqt7dvRZuYUxhDSI5y4KcwQfKN-Bc56m-eudmUKltLrwJP3c-w==

Redirect headers

date: Sat, 23 Dec 2023 12:13:47 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: p
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.22.1
x-rule: *
x-segment-eid: I5T3ZRQJSJBB5CDQLBSTMS
location: https://s.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/I5T3ZRQJSJBB5CDQLBSTMS.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: 6HR7GZHSUVCVZHT63Z2H3U
x-segment-name: *
x-advertisable-eid: 2TG3XTR6EVDYDA5AVXLEFZ
x-conversion-currency

GET
H2 200 main.css
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/ Frame 2664 1 MB
146 KB 35ms
24ms Stylesheet
text/css 104.18.197.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css

Requested by

Host: give.wta.org
URL: https://give.wta.org/give/484340/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.197.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd3d080b3efdafd916a7f950f339082a53a3832f3d9d13577b0664abeec587a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1SMS3KEN2N49RXNE
age: 39330
cf-polished: origSize=1156430
x-amz-server-side-encryption: AES256
x-amz-id-2: YnFUr+Ii9ukE6xJdSw/BxgURduuOfdG6++Iy7uvGyibTmVaGexApgdFcMLD2EVSzMDdQclfZ7IQX/XFw8a3W/+Z+2Di0gG9PdwCrpjhh00Y=
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 22:05:11 GMT
server: cloudflare
etag: W/"0ceb9eeb4ac62d24b00d120740a22187"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 83a08543e8c95d36-SYD

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 2664 131 KB
45 KB 339ms
3ms Script
application/javascript 18.67.111.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: give.wta.org
URL: https://give.wta.org/give/484340/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-24.syd62.r.cloudfront.net

Software

CloudFront /

Resource Hash

334a9391ef52196ffc91bb1f2383d3393dafa929f88947a2b80847831d095559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:47 GMT
content-encoding: br
via: 1.1 948c1c49e6b4d8c0c9b0fdb0a41022ec.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: SYD62-P2
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: pA2r6Y7eT-Li7luZ8fEmVplsyuAmN7yMAkPCKK1oulIYqIdchsmGWA==
x-xss-protection: 1; mode=block

GET
H2 200 rocket-loader.min.js Show response
give.wta.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 2664 12 KB
4 KB 5ms
5ms Script
application/javascript 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.wta.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: give.wta.org
URL: https://give.wta.org/give/484340/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/give/484340/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6581a422-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 83a085452ccb5d2c-SYD
expires: Mon, 25 Dec 2023 12:13:47 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 2664 20 KB
7 KB 347ms
37ms Script
text/javascript 104.16.56.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: give.wta.org
URL: https://give.wta.org/give/484340/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://give.wta.org/
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:48 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83a08547191a55bd-SYD

GET
H2 200 clock Show response
tracking.crazyegg.com/ 30 B
137 B 549ms
187ms XHR
text/plain 13.213.81.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1703333627771&tk=237bc2efc6b6765728928ac7bcb8aef5&s=342213&p=%2F&u=906935&v=3d7de692855bf575b75e7075db8e93fc8e1b05cc&f=wta.org&ul=https%3A%2F%2Fwww.wta.org%2F
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/470d23904020258879cef09100c24692.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.213.81.7 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-213-81-7.ap-southeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 4e3078d0773f71b08d97845dd747445531743b427f5568bd4a0d8e990dd725d8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Dec 2023 12:13:48 GMT
cache-control: no-store
server: awselb/2.0
content-length: 30
content-type: text/plain

GET
H2 200 xdi.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 2664 26 KB
12 KB 309ms
3ms Script
text/javascript 18.67.111.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/xdi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-24.syd62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9669a10126dc3af0dfb585a7d1f1359638262289968aa7c202ad70de3371f073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.wta.org/
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 2HwkiXQectHLaswMS7GXtsj7Fj29XM2H
content-encoding: gzip
via: 1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
date: Sat, 23 Dec 2023 00:33:39 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SYD62-P2
age: 42013
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"00c3b072683167edc19c510fffec8e50-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: Nw6TVLJG63Q1F4uNAWYcV3zNTh9EVMm6jDkxnwoYPOGklFw8N3uYyA==

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 2664 267 KB
77 KB 296ms
3ms Script
text/javascript 18.67.111.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-24.syd62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.wta.org/
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: pGLiXkBTZEwR1GE0xA6XjctsUE08zxMZ
content-encoding: gzip
via: 1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
date: Sat, 23 Dec 2023 02:40:09 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SYD62-P2
age: 34420
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fc84468acd1aa46963b34967f73979cb-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: qJzyEG5jbtfh-yX3zydOCC4jEkClNOc4G4soQxyx1XEi1hFdW5SDwQ==

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ Frame 2664 19 KB
5 KB 713ms
177ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:48 GMT
last-modified: Tue, 28 Nov 2023 19:39:34 GMT
etag: "09f159d3222da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4905
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ Frame 2664 7 KB
3 KB 321ms
12ms Script
application/javascript 104.16.123.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:48 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2648991
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HFWB8437119474W8GG7M8PPF-syd
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83a085485918a974-SYD

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/donation/ Frame 2664 184 KB
38 KB 28ms
28ms Script
application/javascript 104.18.197.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.197.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3073bd17061938f0b03a1cda1ed31d8e0f4ac3c5003ad3b38d9c7e2e837eb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:11 GMT
server: cloudflare
x-amz-request-id: R875K2TGGQB93TDE
age: 39328
etag: W/"2d306c8b40756deed670707bd257d4cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 83a085466ab45d36-SYD
x-amz-id-2: LLaHAKZ1U9XvuRELp3nmpwKZaYVjrZCXRccxwsi++NXP/O1fXgB5gPJbgWQR2dgrPefpe05vHJ4=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/ Frame 2664 2 MB
388 KB 34ms
32ms Script
application/javascript 104.18.197.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.197.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24461e8609af6616b65acb3145728531e2470e8f3fef3373f8764cee4ff3d500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: R874D2RW2ENT57YJ
age: 39328
etag: W/"9e8f84ac4daf7d759d927320005908c6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 83a085466ab65d36-SYD
x-amz-id-2: N2KzcjfqWtGrF2bqhNcAKjuyNvHVx20RCvn1A8bWGwd6uBG6ojlbgcQdC8Bl11lZ73zyQ8cWNLQ0z5X7sHMhl9swEiW3eHiXviQ45/ZyvrQ=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/ Frame 2664 1 MB
429 KB 36ms
35ms Script
application/javascript 104.18.197.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.197.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: R879A6FRGYB5HPHV
age: 39328
etag: W/"89ff3b468454fac32729fc74e3c9be17"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 83a085466ab75d36-SYD
x-amz-id-2: tnwJErJ9moLLjs9vVtJOcwA55/mVsUkUxhNGx3ZaEgB8DJY8aUMC9I3++insnyYIabUtYjQp+4i5OfFMdSFSsaaO9ThRULLSR139V9cPKjY=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame 2664 142 KB
43 KB 519ms
215ms Script
application/javascript 108.138.246.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.246.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-246-128.sfo5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40871c4d90e6b7d74324009033218131f4fbec5d8ffd37683b2a345e9cc1b1a6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: lx0cbHmgeiEQsf1rNY91ptjO3O1kNICW
content-encoding: gzip
via: 1.1 a821cc058353c1317806ae362898a2d2.cloudfront.net (CloudFront)
date: Sat, 23 Dec 2023 00:11:12 GMT
x-amz-request-id: S6QBQS2E91R775M5
x-amz-cf-pop: SFO5-P1
x-amz-server-side-encryption: AES256
age: 43371
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: cixlO5luEiJJ04UJM6VEgpMgSrlVyemjP2OeiMhZP2P6dHf+xj42O3576q/FnzF5fcT07M++KVE=
last-modified: Thu, 21 Dec 2023 23:05:48 GMT
server: AmazonS3
etag: W/"6ad0b521f24fe4e2751e5186df298b24"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: BpixEWC8e9ycy1tEae4NxLYv-zaFiLZDo47tXknKus-2kyQba3s3sA==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 2664 579 KB
161 KB 52ms
13ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:47 GMT
via: 1.1 varnish
age: 29
x-cache: HIT
content-length: 164503
x-request-id: 5047afa2-b437-4db4-b354-0337d6f14132
x-served-by: cache-bne12527-BNE
last-modified: Fri, 22 Dec 2023 21:43:17 GMT
server: Fastly
etag: "4ec63ff996d5aa25b29f0a90d2021ae0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 30390

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 8 KB
3 KB 4ms
3ms Script
text/javascript 18.67.93.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&cookie=&adroll_s_ref=&keyw=&p0=1643
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-14.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: kaomAQKNRR_7Pb.3Bms_Xue6LaAItEu.
Content-Encoding: gzip
Via: 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront)
Date: Sat, 23 Dec 2023 12:11:13 GMT
Age: 156
X-Amz-Cf-Pop: SYD62-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 21 Jun 2023 16:22:01 GMT
Server: AmazonS3
Etag: W/"4a64112c69b3c4b3f104f38d9547a094"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: dzhv9e8MMZJIc804Lo7_UcvPz4I85u0lA7XkemC4lZzkyk5kvTmTrg==

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ
https://x.bidswitch.net/sync?dsp_id=44&user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

43 B
235 B

310ms
103ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=44&user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 12:13:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=44&user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:48 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 96
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=HZ8UqwgjtLLwJfZDG1IXjg
https://d.adroll.com/cm/g/in

42 B
552 B

176ms
175ms

Image
image/gif

18.136.156.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Server: 18.136.156.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-156-172.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:48 GMT
server: nginx/1.22.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expiration=1734869628
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expiration=1734869628&C=1

43 B
368 B

660ms
658ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expiration=1734869628&C=1
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILQfsskRqZULdAw9VwXv1%2F2lAQOVAFZKueT20swhFsL8VhmWhOU515Oyu%2BY3FdvzzvegZe%2B2UyA%2BvsNP%2BAZ3%2FvCpq2xY%2Bep5e6G6PfxdN%2Bw7JTJgBETyLrBbS4ClQcLAtPMCg9rTMXCwhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a08549896d6a6c-SYD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSx27uUFcyxlEzhdpXjBRRCl7KwlwbvAUeBGGCWuo06Dt3tD7GijkEalwDcVXlgv8njVEN2nFlWD7FZGiXrz5vU4vOD0L4PR9PjxZQEGLE3nwxQJMmDrBjbQPNDs34zj4cLUyk15DJrR3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=105&external_user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expiration=1734869628&C=1
cache-control: no-cache
cf-ray: 83a0854888ec6a6c-SYD
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

458249.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ
https://idsync.rlcdn.com/377928.gif?partner_uid=1d9f14ab0823b4b2f025f6431b52178e
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogMWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGUQABoNCPydm6wGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=f445d52d4a033f2dcbbb91b1cc85a2aaa3c19619def21cd1d8400a92d04e89cf791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmNDQ1ZDUyZDRhMDMzZjJkY2JiYjkxYjFjYzg1YTJhYWEzYzE5NjE5ZGVmMjFjZDFkODQwMGE5MmQwNGU4OWNmNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmNDQ1ZDUyZDRhMDMzZjJkY2JiYjkxYjFjYzg1YTJhYWEzYzE5NjE5ZGVmMjFjZDFkODQwMGE5MmQwNGU4OWNmNzkxNDI2YjU0MTdkY2UyMRAAGgwI_J2brAYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=044eeb0a-b3a6-4a96-bf75-1dac7538e963

42 B
60 B

183ms
180ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=044eeb0a-b3a6-4a96-bf75-1dac7538e963
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Sat, 23 Dec 2023 12:13:49 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/458249.gif?partner_uid=044eeb0a-b3a6-4a96-bf75-1dac7538e963
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expires=365

42 B
952 B

739ms
181ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expires=365
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expires=365
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:48 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ
https://us-u.openx.net/w/1.0/sd?id=537103138&val=1d9f14ab0823b4b2f025f6431b52178e&gdpr=0&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=1d9f14ab0823b4b2f025f6431b52178e&gdpr=0&gdpr_consent=

43 B
171 B

100ms
99ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=1d9f14ab0823b4b2f025f6431b52178e&gdpr=0&gdpr_consent=
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=1d9f14ab0823b4b2f025f6431b52178e&gdpr=0&gdpr_consent=
date: Sat, 23 Dec 2023 12:13:48 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=&us_privacy=1---

0
287 B

629ms
155ms

Image
text/plain

66.225.223.95
NTTA-3946

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: HTTP/1.1
Server: 66.225.223.95 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 12:13:48 GMT
Cache-Control: no-cache
X-TraceId: fa4f1ecd84ab92b4801409b87ea0ba5c
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=&us_privacy=1---
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:48 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 137
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
540 B

548ms
180ms

Image
image/gif

207.65.33.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Server: 207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 23 Dec 2023 08:39:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:48 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
311 B

178ms
177ms

Image
text/plain

13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Server

13.228.126.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
date: Sat, 23 Dec 2023 12:13:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

0
367 B

901ms
182ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 178561

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:48 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ
https://eb2.3lift.com/xuid?mid=4714&xuid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

98ms
97ms

Image
image/gif

35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 23 Dec 2023 12:13:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date: Sat, 23 Dec 2023 12:13:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=3f5d429e7c0d612969ae019303c78ceb-1703333627256&pv=42792578999.61839&arrfrr=https%3A%2F%2Fwww.wta.org%2F&advertisable=2TG3XTR6EVDYDA5AVXLEFZ
https://ib.adnxs.com/setuid?entity=172&code=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

43 B
917 B

180ms
179ms

Image
image/gif

103.43.90.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Server

103.43.90.53 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:49 GMT
an-x-request-uuid: d2f36342-515f-4cbb-bc65-6962823be1cf
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 66.203.112.162; 66.203.112.162; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:48 GMT
an-x-request-uuid: 9f3e6f39-8187-4820-b8b0-875618d4b1b5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU
cache-control: no-store, no-cache, private
x-proxy-origin: 66.203.112.162; 66.203.112.162; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 2664 15 KB
4 KB 3ms
3ms Stylesheet
text/css 18.67.111.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-24.syd62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: JWSMp_NTaRFeSeqpmxFPkel0LiL4cMwY
content-encoding: gzip
via: 1.1 948c1c49e6b4d8c0c9b0fdb0a41022ec.cloudfront.net (CloudFront)
date: Sat, 23 Dec 2023 07:52:21 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SYD62-P2
age: 15688
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fb3f2afd9f46893bb196329ab90276a6-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: oGaLSyYWGyjXCXgkRvmNC1SReahQPo4pVRzG7tP76g_zDzquV5Kq5Q==

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ Frame 2664 8 KB
2 KB 2ms
2ms Fetch
application/json 18.67.111.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-24.syd62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: Pw3hE5sAYQ0kvHESktDQjUKbfeKteOb6
content-encoding: gzip
via: 1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:05:08 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SYD62-P2
age: 68921
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"ecabc5423541bd640b7f7a45cb696671-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: bH6_1ulDtxN6t1TM7FmzIj7znGL4Z91k7iD32BUeR-Qr15Vnm1t6qQ==

GET
H2 200 d9b6b28e3d84db3e4c966a5cf73af402.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 20 KB
8 KB 9ms
8ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/d9b6b28e3d84db3e4c966a5cf73af402.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0090/6935.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Dec 2023 11:44:16 GMT
server: cloudflare
age: 87762
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a085499a1a573e-SYD
content-length: 8025

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 457ms
143ms Preflight 35.190.88.7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 7.88.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://give.wta.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 23 Dec 2023 12:13:48 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ Frame 2664 21 B
131 B 154ms
143ms XHR
application/json 35.190.88.7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 7.88.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://give.wta.org/
Bugsnag-Sent-At: 2023-12-23T12:13:48.429Z
accept-language: en-AU,en;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 23 Dec 2023 12:13:48 GMT
via: 1.1 google
bugsnag-session-uuid: f3e46952-edae-4d13-9643-18ecb8c6f715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
BLOB 200
OK 922d3ac3-d1c1-482d-ba9f-c088ba4277be
https://www.wta.org/ 256 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.wta.org/922d3ac3-d1c1-482d-ba9f-c088ba4277be
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 863ec7f03e6be401062d3f40b76cc898e93392acd2931cfc3a07dc3d49be6b07

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 256
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 2664 1 MB
74 KB 115ms
114ms Script
application/javascript 172.217.167.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGKK4PM

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

86efa66486f607feda81094783019fc5331cced0450a3e727f6459d63c9377ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 12:13:48 GMT

GET
H2 200 sdk.js Show response
give.wta.org/sso/ Frame 2664 26 KB
7 KB 1141ms
1140ms Script
application/javascript 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.wta.org/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/give/484340/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 23 Dec 2023 11:03:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 83a08549b8495d2c-SYD
expires: Sat, 23 Dec 2023 12:33:49 GMT

GET
H2 200 781bc412f56e01faa636bd8b5d50f169.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 94 KB
30 KB 9ms
9ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/781bc412f56e01faa636bd8b5d50f169.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0090/6935.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 678c0bf2781144577d5db7cf03a4fa016b90e1d22d2a0249e3ed88b20a9fdf98

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Dec 2023 11:44:13 GMT
server: cloudflare
age: 87762
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a08549ca33573e-SYD
content-length: 30686

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 509D 200 B
840 B 18ms
17ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.wta.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1471917
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 12:13:48 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 140436
x-content-type-options: nosniff
x-request-id: 57ba5b81-8101-4aca-95bb-340a3a87573d
x-served-by: cache-bne12527-BNE

GET
H2 200 nr-spa-1.249.0.min.js Show response
js-agent.newrelic.com/ Frame 2664 87 KB
29 KB 51ms
18ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.249.0.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

264956d1864215422fb0cf7906731f333cda073f4007ba32f1b9321ff79a9c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://give.wta.org/
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: xqhkUaUJHWINEJM5PSle_YSi.Q2oCtRJ
content-encoding: br
via: 1.1 varnish
date: Sat, 23 Dec 2023 12:13:48 GMT
strict-transport-security: max-age=300
x-amz-request-id: NEW8QCSPR92XSA2F
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29447
x-amz-id-2: l8ln3ryHChBixPfIh/Fw84RW/BjTJ97+KE0I7ywQHXMsyN3gETik4pjIMXxAGZgy7HjZzqcXqg0=
x-served-by: cache-bne12527-BNE
last-modified: Thu, 14 Dec 2023 16:36:09 GMT
server: AmazonS3
x-timer: S1703333629.663097,VS0,VE0
etag: "a42a1870225259a5447c6b5e0ebad53c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 687287

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 2664 91 KB
28 KB 319ms
2ms Script
application/javascript 192.229.237.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.237.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E789) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 12:13:49 GMT
Content-Encoding: gzip
Age: 962
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (nwa/E789)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 2664 993 B
2 KB 114ms
108ms Script
text/javascript 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

ESF /

Resource Hash

7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sat, 23 Dec 2023 12:13:48 GMT

POST
H2 204 rum Show response
give.wta.org/cdn-cgi/ Frame 2664 0
163 B 33ms
8ms XHR
text/plain 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.wta.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-245bd851bae03c80----1703333628852
traceparent: 00-9a17496313b958e566746c8544fd92e0-245bd851bae03c80-01
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyNDViZDg1MWJhZTAzYzgwIiwidHIiOiI5YTE3NDk2MzEzYjk1OGU1NjY3NDZjODU0NGZkOTJlMCIsInRpIjoxNzAzMzMzNjI4ODUyfX0=
content-type: application/json
Referer: https://give.wta.org/give/484340/

Response headers

date: Sat, 23 Dec 2023 12:13:48 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give.wta.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83a0854c7a975d2c-SYD

GET
H2 200 tax-entities Show response
give.wta.org/frs-api/organizations/39889/ Frame 2664 629 B
520 B 902ms
900ms XHR
application/json 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.wta.org/frs-api/organizations/39889/tax-entities

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

951ea2e32eb7db40a971c0eff5cf4e39626733dc7473250d7652b52fbbfca46e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 4YHGrQ1f-kkN-NAt1Mc1j3HGXSvrOmO7-oLk
tracestate: 423787@nr=0-1-423787-363751183-9a1629911dbe3740----1703333628920
traceparent: 00-c76e80330959660de06c5880587aa7a0-9a1629911dbe3740-01
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5YTE2Mjk5MTFkYmUzNzQwIiwidHIiOiJjNzZlODAzMzA5NTk2NjBkZTA2YzU4ODA1ODdhYTdhMCIsInRpIjoxNzAzMzMzNjI4OTIwfX0=
Accept: application/json, text/plain, */*
csrf-token: 4YHGrQ1f-kkN-NAt1Mc1j3HGXSvrOmO7-oLk
Referer: https://give.wta.org/give/484340/

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"275-TTJ3PkhgPyNnMFoQZ6rxo/cuNLU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 83a0854ccad65d2c-SYD

GET
H2 200 currency-conversions Show response
give.wta.org/frs-api/i18n/ Frame 2664 71 B
231 B 1140ms
1138ms XHR
application/json 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.wta.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=AUD

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

756e1bb2b2e4de5b39227c93ba514443c67e106fdd17d41de2f4a637d058d3e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 4YHGrQ1f-kkN-NAt1Mc1j3HGXSvrOmO7-oLk
tracestate: 423787@nr=0-1-423787-363751183-4c0dfd1c4fb6cc90----1703333629108
traceparent: 00-92602d76bd467ef61a84b93c81e428d0-4c0dfd1c4fb6cc90-01
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0YzBkZmQxYzRmYjZjYzkwIiwidHIiOiI5MjYwMmQ3NmJkNDY3ZWY2MWE4NGI5M2M4MWU0MjhkMCIsInRpIjoxNzAzMzMzNjI5MTA4fX0=
Accept: application/json, text/plain, */*
csrf-token: 4YHGrQ1f-kkN-NAt1Mc1j3HGXSvrOmO7-oLk
Referer: https://give.wta.org/give/484340/

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"47-I3MP6/iL0g94u9GhTU3acDvBHSY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 83a0854dfbbb5d2c-SYD

GET
H2 200 plaid Show response
pay.classy.org/token/ Frame 2664 88 B
688 B 1250ms
867ms XHR
application/json 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=6918&currency=AUD

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.wta.org/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 0ae28f51-a12a-4846-8e2b-89d404577b34
cf-ray: 83a085506ec6572f-SYD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 2664 194 KB
65 KB 535ms
127ms Script
text/javascript 142.250.71.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCZ7iyAWI8zgXnUXhz3cRcrSozpxreU3i0&libraries=places&callback=initializeGoogleMapsAPI

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

1b68b3d843d1ac6473eaad4395506a1c855cf415faea8ed7cc0bcd5dd2214b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66500
x-xss-protection: 0

GET
H2 200 user-icon.png
give.wta.org/static/global/images/ Frame 2664 2 KB
2 KB 37ms
33ms Image
image/webp 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.wta.org/static/global/images/user-icon.png

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/give/484340/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 10750
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Mon, 11 Dec 2023 22:01:28 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "657786b8-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83a0854e2bdb5d2c-SYD
expires: Sun, 22 Dec 2024 09:14:38 GMT

GET
H2 200 73b8302e-f982-11ed-b121-0e155461b86f.png
assets.classy.org/4958406/ Frame 2664 143 KB
143 KB 55ms
48ms Image
image/webp 104.18.197.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/4958406/73b8302e-f982-11ed-b121-0e155461b86f.png

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.197.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64e0f72941d375f9836b3e87d1c1af900305471fae90b04bf085791155b62cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 1c8c09a2d2295d49b2248ce893dbb6c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: x.rUm65BgVC_3tkO9KFwf.tO3OK5z5k2
age: 1511342
x-amz-cf-pop: SYD1-C1
cf-polished: origFmt=png, origSize=205076
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="73b8302e-f982-11ed-b121-0e155461b86f.webp"
content-length: 146029
last-modified: Tue, 23 May 2023 15:57:02 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "d7016099092062e1d4d190eac9515c1f"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 83a0854e293d5d36-SYD
x-amz-cf-id: oqRyZNwMnMfwXzu86iRkWhIE-IY_Z4pSpx0BYf7YmQDm-CWWF_ZSmw==

GET
H2 200 embedded-giving-logo-visa.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 2664 1 KB
932 B 35ms
32ms Image
image/svg+xml 104.18.197.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-visa.svg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.197.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 23CYAYR1RJ6S0RMY
age: 39333
etag: W/"b327a8825ae28019462c8c3f5b4770c0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 83a0854e29355d36-SYD
x-amz-id-2: lZ+Yk6f9nvjnlsXx3EPtd9D8Z9HVFbo/rbeuSmEgDBtkwrhl/InwvDG9WHm7pYaaSgdZg02+CGsSpIgT/SQ+Cg==

GET
H2 200 embedded-giving-logo-amex.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 2664 1 KB
862 B 21ms
18ms Image
image/svg+xml 104.18.197.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-amex.svg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.197.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 23CZDTYD62FASZNQ
age: 39333
etag: W/"0b1b4bc87aebc780d3ad6095fd447a24"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 83a0854e29365d36-SYD
x-amz-id-2: u0qfqVpewVMsknqXpImyelbEvBx4KhL624bLrtzFYWePOTR8wL7RVHK60O+mC/kgy0FJnRkPPSzqB9YmLqlnPA==

GET
H2 200 embedded-giving-logo-discover.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 2664 3 KB
1 KB 46ms
43ms Image
image/svg+xml 104.18.197.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-discover.svg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.197.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 23CZHFCSAXVN977W
age: 39333
etag: W/"d51cee8f590a54e755ac3501c1bd7342"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 83a0854e29375d36-SYD
x-amz-id-2: 6steYfqZ8wFfDCrVy9uwkGq6SvEIJaowTJSMs4GT/nNz4t6Wcs4ifW767WBF+3O/zOI+ibUj8ieunGdkaxFxsg==

GET
H2 200 embedded-giving-logo-mastercard.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 2664 1 KB
687 B 22ms
19ms Image
image/svg+xml 104.18.197.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-mastercard.svg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.197.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: WVVVJZNX186Q8E13
age: 39333
etag: W/"26fb3de4519ed38ceec90bc98250ba1f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 83a0854e29395d36-SYD
x-amz-id-2: QkeOLXEAyEXjaW+w6EcBBo6+oOwnMfLYkXUuCxazBNXRzWA/jIOhsnPbq8JDTB3UZYfZJ8qZ1JA=

GET
H2 200 embedded-giving-shield-icon.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 2664 6 KB
2 KB 26ms
23ms Image
image/svg+xml 104.18.197.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-shield-icon.svg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.197.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: ZRXQVNSBAKVESD0Q
age: 39333
etag: W/"46fd834e95514def799fa0626c78233c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 83a0854e293a5d36-SYD
x-amz-id-2: SFMA5jZO7erRE2oOc5WhhCb505EWe7iJPcAfiAg0dPMO9mjg4H1kIg3s4KCPtpVN3p8YMv4Gscuz/5sb2f0RfQ==

GET
H2 200 embedded-giving-logo-ach.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 2664 1 KB
949 B 22ms
19ms Image
image/svg+xml 104.18.197.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-ach.svg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.197.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: BHQ3AADGNR9W0QQC
age: 6971
etag: W/"d71add3c9962a21340ec557ac0628bf7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 83a0854e293b5d36-SYD
x-amz-id-2: WgMTtAG/GFEx/8qG4GqHonZ/11rsN/XwrSRfE4G+56q+Xmaz42YArkQ86wHVw6ATAPAyE6HXlJ4=

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/ Frame 2664 394 B
665 B 20ms
20ms Image
image/webp 104.18.197.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.197.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: CC06S8J33CQVV0WD
age: 57520
cf-polished: origFmt=png, origSize=547
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: EsRAnh6sZsRt4rce8ViTadBcnJWIDnztJYU4tpQ+u30m/1gv7ufXi6uerSfKlLEdZw0mKBbD/aU=
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 83a0854e494f5d36-SYD

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/fonts/ Frame 2664 42 KB
43 KB 1235ms
883ms Font
application/x-font-woff 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11241468ecf36202cff1d14a70ac7a56ee69e77c7ee8d1835288eead918de205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
x-amz-request-id: FQ7PPJJGYYBQD5HD
x-amz-server-side-encryption: AES256
content-length: 43184
x-amz-id-2: ZIc9/UzQ3zQve0qLKXUQ72GGEjljQY1yUELMR9W06V7o5NggsBsW+k4rJXb6DSxBA3JB9ogiK1I=
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
etag: "e938ef9e10839a9514e49917314e13c0"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 83a08550692ba96d-SYD

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/fonts/ Frame 2664 65 KB
66 KB 1254ms
902ms Font
binary/octet-stream 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: REVALIDATED
x-amz-request-id: E1159FN4W1TKQ2PN
x-amz-server-side-encryption: AES256
content-length: 66624
x-amz-id-2: 3HsZp2/jT1HrzS5btKRNmiWK3W3h0wMw36WUWjLEo401Mgp6fSyNn0Subkyx77JOSNSq36y1l/vhRn5b9AbYMj2BDaayACECRbnLgh5vZOM=
last-modified: Mon, 11 Dec 2023 22:05:11 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 83a08550692ca96d-SYD

POST
H2 204 rum Show response
give.wta.org/cdn-cgi/ Frame 2664 0
37 B 5ms
5ms XHR
text/plain 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.wta.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-ad68b3af59d23d70----1703333629180
traceparent: 00-42ed4c3d1a878bc879e2aec888422a60-ad68b3af59d23d70-01
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhZDY4YjNhZjU5ZDIzZDcwIiwidHIiOiI0MmVkNGMzZDFhODc4YmM4NzllMmFlYzg4ODQyMmE2MCIsInRpIjoxNzAzMzMzNjI5MTgwfX0=
content-type: application/json
Referer: https://give.wta.org/give/484340/

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give.wta.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83a0854e6bfe5d2c-SYD

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 509D 526 B
473 B 16ms
16ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:49 GMT
via: 1.1 varnish
age: 5189210
x-cache: HIT
content-length: 315
x-request-id: 78d059f0-1fd9-4e5c-a680-c987f1200099
x-served-by: cache-bne12527-BNE
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 133696

GET
H2 200 controller-a8db3be7204dff5e963b6f0fd5121b28.html Show response
js.stripe.com/v3/ Frame 524F 325 B
847 B 21ms
20ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.wta.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 50
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 12:13:49 GMT
etag: "a8db3be7204dff5e963b6f0fd5121b28"
last-modified: Fri, 22 Dec 2023 21:08:02 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 37
x-content-type-options: nosniff
x-request-id: 0bef36c3-1898-4ba8-a9ee-e68eecd5f559
x-served-by: cache-bne12527-BNE

GET
H2 200 payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html Show response
js.stripe.com/v3/ Frame A631 408 B
969 B 16ms
16ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

759813d8a110733c43a0ffa3f09f267f94df572b482fd7bc050c66edabedc8e9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.wta.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 54075
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 12:13:49 GMT
etag: "195e55d1b52949b175298b3e54db37fd"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1113
x-content-type-options: nosniff
x-request-id: 5bc15dfa-1d4c-4ce3-bb11-8a823b06b0cb
x-served-by: cache-bne12527-BNE

GET
H2 200 payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html Show response
js.stripe.com/v3/ Frame A79B 344 B
434 B 21ms
20ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ed239f990af2e4be1964ed4f17fe93eb53315dd9590386a241d2325b376f196d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.wta.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 12:13:49 GMT
etag: "434e8078d5c09b7f511e68744cf1c8cd"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 3ed9cf66-1aef-4d0c-9a46-aea3f594a9e4
x-served-by: cache-bne12527-BNE

GET
H2 200 payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html Show response
js.stripe.com/v3/ Frame 374B 408 B
301 B 16ms
16ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

759813d8a110733c43a0ffa3f09f267f94df572b482fd7bc050c66edabedc8e9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.wta.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 54075
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 12:13:49 GMT
etag: "195e55d1b52949b175298b3e54db37fd"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1114
x-content-type-options: nosniff
x-request-id: 40ab158e-b61a-4509-8ff2-7153083cea96
x-served-by: cache-bne12527-BNE

GET
H2 200 payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html Show response
js.stripe.com/v3/ Frame 2F4F 344 B
1015 B 16ms
15ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ed239f990af2e4be1964ed4f17fe93eb53315dd9590386a241d2325b376f196d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.wta.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 63
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 12:13:49 GMT
etag: "434e8078d5c09b7f511e68744cf1c8cd"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 5
x-content-type-options: nosniff
x-request-id: ee998935-2351-4cb5-970d-722432c171f7
x-served-by: cache-bne12527-BNE

GET
H2 200 css
fonts.googleapis.com/ Frame 2664 11 KB
841 B 100ms
99ms Stylesheet
text/css 142.250.67.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f10.1e100.net

Software

ESF /

Resource Hash

4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 12:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 12:13:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 12:13:49 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 509D 0
717 B 656ms
327ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333629787629
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333629787154
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 509D 0
717 B 635ms
307ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333629787889
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333629787184
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 524F 531 KB
130 KB 25ms
19ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:49 GMT
via: 1.1 varnish
age: 54136
x-cache: HIT
content-length: 132620
x-request-id: b67093e1-3501-420a-bc3c-3cbf29d8cbb3
x-served-by: cache-bne12527-BNE
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Fastly
etag: "cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27591

GET
H2 200 controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 524F 688 KB
177 KB 26ms
20ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:49 GMT
via: 1.1 varnish
age: 54136
x-cache: HIT
content-length: 180909
x-request-id: 191c4ad3-ddbe-4eb9-a288-de2f58d77eed
x-served-by: cache-bne12527-BNE
last-modified: Fri, 22 Dec 2023 21:08:14 GMT
server: Fastly
etag: "5ce54273e9cefa73649bdfcbf46e58d4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27490

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame A631 120 KB
37 KB 669ms
168ms Script
application/javascript 64.233.170.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f92.1e100.net

Software

ESF /

Resource Hash

f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-owkXZMawKQjpd_SLKjesgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-owkXZMawKQjpd_SLKjesgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 23 Dec 2023 12:13:49 GMT

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A631 531 KB
130 KB 23ms
19ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:49 GMT
via: 1.1 varnish
age: 54136
x-cache: HIT
content-length: 132620
x-request-id: d496ac63-2f08-4aca-8907-68f037dd5142
x-served-by: cache-bne12527-BNE
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Fastly
etag: "cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27591

GET
H2 200 payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A631 12 KB
5 KB 22ms
12ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

473efdf61f08fc2ad04df7be0d974c921dea47ac2ea5c6b848a75f6b5db1da73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:49 GMT
via: 1.1 varnish
age: 140082
x-cache: HIT
content-length: 5076
x-request-id: 2b8fdf23-e2a1-46bc-8888-e50d9a2d7199
x-served-by: cache-bne12527-BNE
last-modified: Thu, 21 Dec 2023 21:05:35 GMT
server: Fastly
etag: "c1a7d86250f7fde747d6585463beef22"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2934

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 374B 120 KB
36 KB 673ms
185ms Script
application/javascript 64.233.170.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f92.1e100.net

Software

ESF /

Resource Hash

f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-5vPXCNazX8Dvo41BWhJeLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-5vPXCNazX8Dvo41BWhJeLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 23 Dec 2023 12:13:49 GMT

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 374B 531 KB
130 KB 40ms
39ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:49 GMT
via: 1.1 varnish
age: 54136
x-cache: HIT
content-length: 132620
x-request-id: e76e86b0-af63-4313-afa1-90457b45be14
x-served-by: cache-bne12527-BNE
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Fastly
etag: "cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27592

GET
H2 200 payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 374B 12 KB
5 KB 19ms
19ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

473efdf61f08fc2ad04df7be0d974c921dea47ac2ea5c6b848a75f6b5db1da73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:49 GMT
via: 1.1 varnish
age: 140082
x-cache: HIT
content-length: 5076
x-request-id: d7c3ca22-59e8-4221-a405-4413e141368d
x-served-by: cache-bne12527-BNE
last-modified: Thu, 21 Dec 2023 21:05:35 GMT
server: Fastly
etag: "c1a7d86250f7fde747d6585463beef22"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2935

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2F4F 531 KB
130 KB 40ms
40ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:49 GMT
via: 1.1 varnish
age: 54136
x-cache: HIT
content-length: 132620
x-request-id: a9cf5016-b7ff-42dc-bbbf-de5482f00b0a
x-served-by: cache-bne12527-BNE
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Fastly
etag: "cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27594

GET
H2 200 payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2F4F 13 KB
6 KB 41ms
41ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:49 GMT
via: 1.1 varnish
age: 150805
x-cache: HIT
content-length: 5654
x-request-id: 666fcf1b-148c-49f8-ad60-0fbd2db9567e
x-served-by: cache-bne12527-BNE
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Fastly
etag: "9d64070358354c97251ee8d4e282ba7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8209

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A79B 531 KB
130 KB 40ms
39ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:49 GMT
via: 1.1 varnish
age: 54136
x-cache: HIT
content-length: 132620
x-request-id: a283bd53-90a1-48ed-8066-3ec3645bbc4f
x-served-by: cache-bne12527-BNE
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Fastly
etag: "cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27594

GET
H2 200 payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A79B 13 KB
6 KB 40ms
40ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:49 GMT
via: 1.1 varnish
age: 150805
x-cache: HIT
content-length: 5654
x-request-id: b155e868-202c-4606-a52c-9fbad1a1bcdf
x-served-by: cache-bne12527-BNE
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Fastly
etag: "9d64070358354c97251ee8d4e282ba7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8208

GET
H2 200 inner.html Show response
m.stripe.network/ Frame D7CA 930 B
2 KB 347ms
5ms Document
text/html 18.67.93.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.93.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-93-106.syd62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 113
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 12:11:57 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
x-amz-cf-id: tT-FeO6T1f9lL9CwWHVZf8v2L4fi3VtWZnnzhX6pDD1erfuQuxMbVw==
x-amz-cf-pop: SYD62-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 2664 305 KB
95 KB 147ms
147ms Script
application/javascript 172.217.167.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PB9K2Z&l=dataLayer

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6fad14bd55e0f9288370b8e98fd9dffdf19241b41919523fbef56af0b81eff63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 12:13:49 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 524F 0
717 B 534ms
327ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333629787944
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333629787440
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A631 0
717 B 518ms
315ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333629787649
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333629787170
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A631 0
718 B 509ms
306ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333629787623
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333629787152
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 374B 0
717 B 507ms
328ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333629788085
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333629787266
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 374B 0
717 B 495ms
317ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333629788078
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333629787470
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2F4F 0
717 B 501ms
326ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333629787950
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333629787173
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2F4F 0
717 B 491ms
316ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333629787877
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333629787205
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A79B 0
717 B 485ms
311ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333629787937
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333629787205
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A79B 0
717 B 485ms
312ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333629787651
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333629787186
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/da154528/www-widgetapi.vflset/ Frame 2664 216 KB
67 KB 6ms
2ms Script
text/javascript 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f14.1e100.net

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 08:24:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 445750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Dec 2024 08:24:39 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame A749 319 KB
104 KB 7ms
3ms Document
text/html 192.229.237.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgive.wta.org
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.237.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E78F) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://give.wta.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1018334
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Sat, 23 Dec 2023 12:13:49 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nwa/E78F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

POST
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/1/ Frame 2664 40 B
461 B 553ms
475ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/67fe2a1b26?a=363721230&v=1.249.0&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3981&ck=0&s=38b18a023a555570&ref=https://give.wta.org/give/484340/&tt=ba6696d00e8c8672&af=err,xhr,stn,ins,spa&ap=187.649324&be=1825&fe=949&dc=777&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1703333625456,%22n%22:0,%22f%22:1,%22dn%22:16,%22dne%22:16,%22c%22:16,%22s%22:320,%22ce%22:327,%22rq%22:327,%22rp%22:1826,%22rpe%22:2244,%22di%22:2423,%22ds%22:2602,%22de%22:2602,%22dc%22:2757,%22l%22:2757,%22le%22:2774%7D,%22navigation%22:%7B%7D%7D
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://give.wta.org/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 23 Dec 2023 12:13:50 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://give.wta.org
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 83a085509fe5a801-SYD
Content-Length: 40

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2664 29 KB
30 KB 19ms
0ms Font
font/woff2 142.250.66.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:27:34 GMT
x-content-type-options: nosniff
age: 117975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 03:27:34 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame A749 870 B
659 B 596ms
289ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=1fd06231ddb7568c3117134213cfaef1a6c1a9c6

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgive.wta.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_r /

Resource Hash

8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 146
date: Sat, 23 Dec 2023 12:13:49 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sat, 23 Dec 2023 12:13:49 GMT
server: tsa_r
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 149888f92520a6ee
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: 9c16019981ec22200e2fe4f0422aa978d6741c359dc5ebfa1ecedecfeed5f65e
content-length: 338

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2664 32 KB
32 KB 10ms
7ms Font
font/woff2 142.250.66.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:25:36 GMT
x-content-type-options: nosniff
age: 118093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 03:25:36 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2664 32 KB
32 KB 11ms
8ms Font
font/woff2 142.250.66.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:25:36 GMT
x-content-type-options: nosniff
age: 118093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 03:25:36 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2664 29 KB
29 KB 6ms
3ms Font
font/woff2 142.250.66.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:27:34 GMT
x-content-type-options: nosniff
age: 117975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 03:27:34 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2664 29 KB
29 KB 7ms
4ms Font
font/woff2 142.250.66.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:27:34 GMT
x-content-type-options: nosniff
age: 117975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 03:27:34 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2664 29 KB
29 KB 7ms
5ms Font
font/woff2 142.250.66.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:27:34 GMT
x-content-type-options: nosniff
age: 117975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 03:27:34 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2664 29 KB
29 KB 8ms
6ms Font
font/woff2 142.250.66.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 03:27:34 GMT
x-content-type-options: nosniff
age: 117975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 03:27:34 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 524F 474 B
607 B 41ms
13ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 61
x-cache: HIT
content-length: 296
x-request-id: 88a3ebb2-2408-4490-9d07-da0c4492fc42
x-served-by: cache-bne12525-BNE
last-modified: Fri, 22 Dec 2023 21:47:19 GMT
server: Fastly
etag: "bfcbcb1c52cb90f9deaffee5559683d8"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 36

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 524F 474 B
370 B 27ms
14ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 61
x-cache: HIT
content-length: 296
x-request-id: 38ed0dbe-5160-48d0-beae-6b4025fa1af9
x-served-by: cache-bne12525-BNE
last-modified: Fri, 22 Dec 2023 21:47:19 GMT
server: Fastly
etag: "bfcbcb1c52cb90f9deaffee5559683d8"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

POST
H2 200 csp-report
q.stripe.com/ Frame D7CA 0
491 B 154ms
153ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333629832061
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1703333629831589
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame D7CA 87 KB
16 KB 5ms
5ms Script
text/javascript 18.67.93.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.93.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-93-106.syd62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:42 GMT
content-encoding: gzip
via: 1.1 e3f64b5e1795622ac1fd367fad798c10.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 8
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: SYD62-P1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: P26-fsdw_rechGs0tk9wlWPDnayu6t5C8pvM47ALI2bYZ4MUlvV_yg==

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame 2664 88 KB
31 KB 358ms
11ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://give.wta.org/
Origin: https://give.wta.org
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3950117
x-cache: HIT, HIT
content-length: 30957
x-served-by: cache-lga13629-LGA, cache-bne12520-BNE
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1703333630.114344,VS0,VE0
etag: W/"28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 57, 133462

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 163ms
156ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:49 GMT
x-stripe-server-envoy-start-time-us: 1703333629849254
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703333629848721
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 251ms
245ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:49 GMT
x-stripe-server-envoy-start-time-us: 1703333629938847
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703333629938399
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 250ms
245ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:49 GMT
x-stripe-server-envoy-start-time-us: 1703333629938900
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703333629938284
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 159ms
155ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:49 GMT
x-stripe-server-envoy-start-time-us: 1703333629849166
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703333629848671
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 254ms
251ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:49 GMT
x-stripe-server-envoy-start-time-us: 1703333629939143
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703333629938202
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 249ms
247ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:49 GMT
x-stripe-server-envoy-start-time-us: 1703333629938918
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703333629938368
access-control-allow-credentials: true
content-length: 0

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 2664 3 B
355 B 908ms
205ms XHR
application/json 142.250.71.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://give.wta.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/en_au/ Frame 2664 256 KB
56 KB 7ms
5ms Script
text/javascript 142.250.71.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/en_au/common.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f10.1e100.net

Software

sffe /

Resource Hash

bfe8327ddbede8552f3be2f68683686b2f428e7d1bd8605ee39efcc6fe486b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 382489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57591
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 01:59:00 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/en_au/ Frame 2664 173 KB
54 KB 11ms
9ms Script
text/javascript 142.250.71.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/en_au/util.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f10.1e100.net

Software

sffe /

Resource Hash

96491d8a92795172d033c1d5e68497af50a6ccccd555b176060a8170076c4773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:57:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 379000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55246
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 02:57:09 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/en_au/ Frame 2664 91 KB
24 KB 4ms
3ms Script
text/javascript 142.250.71.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/en_au/controls.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f10.1e100.net

Software

sffe /

Resource Hash

340c876aef112513c4a55b0e44afacb83ac744b736b831aac47481e1f7d9b0c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 10:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 353310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24508
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 10:05:19 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/en_au/ Frame 2664 48 KB
16 KB 13ms
12ms Script
text/javascript 142.250.71.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/en_au/places_impl.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f10.1e100.net

Software

sffe /

Resource Hash

808caae27d0a753baa1de1f3459f557ba3b3973ab020b430bade9376ca52d222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 20:42:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 315064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16335
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 20:42:45 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame D7CA 156 B
670 B 468ms
156ms XHR
application/json 44.228.215.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-215-240.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c6a65653335f38d5a95cf4c7e26b7684ed81593c1dce1c58e98cb9dfe9816e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333630256325
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1703333630256061
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

OPTIONS
H2 200 /
notify.bugsnag.com/ Frame 0
0 458ms
141ms Preflight 35.186.205.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.205.6 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 6.205.186.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://give.wta.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 23 Dec 2023 12:13:50 GMT
via: 1.1 google

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 2664 279 KB
92 KB 118ms
117ms Script
application/javascript 172.217.167.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X2896S29J5&l=dataLayer&cx=c

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

730e08e551242665eb3a7488da43eb422b172bb79796e543d8f9c08ceaa63899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93794
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 12:13:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2664 52 KB
21 KB 2ms
2ms Script
text/javascript 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 11:52:41 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1268
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 23 Dec 2023 13:52:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/881910575/ Frame 2664 3 KB
1 KB 105ms
104ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/881910575/?random=1703333629883&cv=11&fst=1703333629883&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72062968&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F&ref=https%3A%2F%2Fwww.wta.org%2F&top=https%3A%2F%2Fwww.wta.org%2F&hn=www.googleadservices.com&frm=2&tiba=Donate%20to%20Before%20You%20Hike%2C%20Donate%20to%20WTA&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

aa8ab3549ed213236781bea0609d4f120a7c74e8c1792579d95587ba9424b258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1297
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ Frame 2664 77 KB
24 KB 5ms
5ms Script
text/javascript 18.67.93.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-14.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd133f65e4b01d44b31ed450c2ded840f5a6074797571452aa74bf965b00e0f2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: mwpgId4D.xsRaz2Lp3akH7EyTXFzbDSi
Content-Encoding: gzip
Via: 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront)
Date: Sat, 23 Dec 2023 12:04:31 GMT
Age: 559
X-Amz-Cf-Pop: SYD62-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 20 Dec 2023 19:07:27 GMT
Server: AmazonS3
Etag: W/"577e468d019c21bc05275d07caaff423"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: zZY5BFobG7u8fiNu_26CB3d4e1W3em5ND0m57opr5uay4K6gM88EZg==

GET
H2 200 6935.js Show response
script.crazyegg.com/pages/scripts/0090/ Frame 2664 6 KB
2 KB 11ms
10ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0090/6935.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7438e048dc7be6775abfd013639ddf9910583e02a6a322aad4248fb0f05bb714

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 10895
cf-polished: origSize=6112
ce-version: 11.5.164
cf-bgj: minify
last-modified: Sat, 23 Dec 2023 09:12:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 83a08552d891573e-SYD

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 2664 202 KB
53 KB 4ms
2ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 23 Dec 2023 12:13:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: QJWg7Cyk68kSvH9F/Bjj9NOPn469CUj/9VlLCnp9KCPE9szGZVJ6FUBeJiYYGkCjT4plxAYbu3JrutN/L/aVrw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 2664 56 B
361 B 7ms
5ms Script
text/javascript 23.38.129.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.38.129.67 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-38-129-67.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:49 GMT
server: Oracle API Gateway
opc-request-id: /7DA1AB0DE5A41A459460AF2C4B664A90/F6EBD77E5D1EF9A49B2C6278AA78E39C
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
notify.bugsnag.com/ Frame 2664 2 B
104 B 144ms
144ms XHR
text/plain 35.186.205.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.205.6 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 6.205.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4.0
Referer: https://give.wta.org/
Bugsnag-Sent-At: 2023-12-23T12:13:49.907Z
accept-language: en-AU,en;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 23 Dec 2023 12:13:50 GMT
via: 1.1 google
bugsnag-event-id: 6586cefe00cf54ced1970000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 give.wta.org.json Show response
script.crazyegg.com/pages/data-scripts/0090/6935/site/ Frame 3EA0 21 KB
4 KB 10ms
10ms XHR
application/json 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0090/6935/site/give.wta.org.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0090/6935.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27ec9be9af3315355736ddb8b8da35cf36b96ec9941f0a7c1969ea46a6704b46

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 17614
ce-version: 11.5.164
content-length: 3855
last-modified: Sat, 23 Dec 2023 07:20:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a085531e946a6c-SYD

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/ Frame 2664
Redirect Chain

https://s.adroll.com/j/pre/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
733 B

6ms
4ms

Script
application/javascript

18.67.93.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: HTTP/1.1
Server: 18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-14.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 05:39:18 GMT
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
Age: 23672
X-Amz-Cf-Pop: SYD62-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: PSJqZZLI5XPgWBBAFmg_p52vc52hUEeL1FxGTjsG_3_76Hv8IXmoBw==

Redirect headers

Date: Sat, 23 Dec 2023 09:12:12 GMT
Via: 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront)
Age: 10895
X-Amz-Cf-Pop: SYD62-P1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: FxI0tJ-3i-jwv8IN0dDj3cOwZvlqh1vmH6XnUMpzI4XPAlrePFoRaA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/ Frame 2664 0
808 B 8ms
7ms Script
text/javascript 18.67.93.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/index.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-14.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: NzfXy51OOlu.bIADsXHu2.Z8BcgLt03j
Date: Sat, 23 Dec 2023 11:59:26 GMT
Via: 1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
Age: 864
X-Amz-Cf-Pop: SYD62-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Fri, 22 Dec 2023 18:33:36 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: q0QqkOrcluK1rz_SEoHRtk02SEOzEdQILfFhuYHmMS3zhMaxGr0wYw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 2664 3 B
86 B 99ms
98ms XHR
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1348495817&t=pageview&_s=1&dl=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F&dr=https%3A%2F%2Fwww.wta.org%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Before%20You%20Hike%2C%20Donate%20to%20WTA&sd=24-bit&sr=1600x1200&vp=420x592&je=0&_u=QACAAAABAAAAAC~&jid=&gjid=&cid=130673013.1703333626&tid=UA-2999782-1&_gid=1015370408.1703333626&_slc=1&gtm=45He3bt0n71PB9K2Zv72062968&gcd=11l1l1l1l1&dma=0&z=598891866

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.wta.org/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.wta.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1556220604666536 Show response
connect.facebook.net/signals/config/ Frame 2664 143 KB
36 KB 4ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1556220604666536?v=2.9.138&r=stable&domain=www.wta.org

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

2d066e10f43fa3becd5b621641887bf41b6ddddb91b25cf1169f3cd46a5db5be

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 23 Dec 2023 12:13:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37168
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: +nWOjM4xjomq3JmQ8t+yn86NSY4fJ6Tt+HlQliqx3NYvwhz6rPCDdHghBab1V9x6NAifSBAaPcwZPJOOuk8tBw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 470d23904020258879cef09100c24692.js Show response
script.crazyegg.com/pages/versioned/commontransformations-scripts/ Frame 2664 138 KB
46 KB 11ms
9ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/470d23904020258879cef09100c24692.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098d0c70f5c83c0b2b02a8b518ebd62560ec999794b3112f79725f193783bba3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 07:22:35 GMT
server: cloudflare
age: 87761
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a085535900573e-SYD
content-length: 46668

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ Frame 2664 2 KB
2 KB 519ms
102ms Image
image/png 142.250.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f3.1e100.net

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Sat, 23 Dec 2023 12:13:50 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ Frame 2664 3 KB
4 KB 517ms
100ms Image
image/png 142.250.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f3.1e100.net

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Sat, 23 Dec 2023 12:13:50 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 2664 0
54 B 14ms
0ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1556220604666536&ev=PageView&dl=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&rl=https%3A%2F%2Fwww.wta.org%2F&if=true&ts=1703333629999&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703333626490.572669952&cs_est=true&ler=other&it=1703333629964&coo=false&rqm=GET

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 23 Dec 2023 12:13:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/881910575/ Frame 2664 42 B
108 B 119ms
117ms Image
image/gif 142.250.71.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/881910575/?random=1703333629883&cv=11&fst=1703332800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72062968&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F&ref=https%3A%2F%2Fwww.wta.org%2F&frm=2&tiba=Donate%20to%20Before%20You%20Hike%2C%20Donate%20to%20WTA&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_5wMWfaEOqiBpO9yj67xdktt4IdEk7bpvwDJkvvkWfHjYFgqv&random=2980207746&rmt_tld=0&ipr=y

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.68 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/881910575/ Frame 2664 42 B
108 B 105ms
104ms Image
image/gif 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/881910575/?random=1703333629883&cv=11&fst=1703332800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72062968&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F&ref=https%3A%2F%2Fwww.wta.org%2F&frm=2&tiba=Donate%20to%20Before%20You%20Hike%2C%20Donate%20to%20WTA&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_5wMWfaEOqiBpO9yj67xdktt4IdEk7bpvwDJkvvkWfHjYFgqv&random=2980207746&rmt_tld=1&ipr=y

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 give.wta.org.json Show response
script.crazyegg.com/pages/data-scripts/0090/6935/sampling/ Frame 3EA0 152 B
250 B 247ms
247ms XHR
application/json 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0090/6935/sampling/give.wta.org.json?t=473148
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/470d23904020258879cef09100c24692.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3268809ba48a7c060b0f6b57cc9241cc34f534635edd0eb3e28dd1ff9111f0ee

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 23 Dec 2023 12:13:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.164
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a08553cefa6a6c-SYD
content-length: 144

GET
H2 200 2TG3XTR6EVDYDA5AVXLEFZ Show response
d.adroll.com/consent/check/ Frame 2664 509 B
1012 B 177ms
175ms Script
application/javascript 18.136.156.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2TG3XTR6EVDYDA5AVXLEFZ?pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&_s=fa5fd0faffd33406d87347441718361b&_b=2
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.136.156.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-156-172.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 90821453245b09d8b8a5a6ca943999a2fbd063868f6acacc73f511b625c81b7c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 509
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame C034 19 KB
8 KB 172ms
170ms Document
text/html 64.233.170.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f92.1e100.net

Software

ESF /

Resource Hash

7d22a464c8b914807cefbe9b951417188ebf4429811f6e314dadbf447a09b08d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-kqaQCzGc07PlF9h9OZPV5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-kqaQCzGc07PlF9h9OZPV5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 23 Dec 2023 12:13:50 GMT
expires: Sat, 23 Dec 2023 12:13:50 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 156ms
155ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:50 GMT
x-stripe-server-envoy-start-time-us: 1703333630163618
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703333630163097
access-control-allow-credentials: true
content-length: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 524F 2 KB
3 KB 272ms
251ms Fetch
application/json 198.202.176.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7913b34e7335e9277812dab8bea796816ef66e7748a14ce02545c91172b74551

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2467
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 5CB2 19 KB
8 KB 171ms
169ms Document
text/html 64.233.170.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f92.1e100.net

Software

ESF /

Resource Hash

42065d8a90c8f72e17d686618f1bc887b6b16676177f3d1d006d2938434a4a07

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5SlJUYt-EXl8PNqFm8ObXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5SlJUYt-EXl8PNqFm8ObXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 23 Dec 2023 12:13:50 GMT
expires: Sat, 23 Dec 2023 12:13:50 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
give.wta.org/sso/ssobuild/js/ Frame 2664 12 KB
5 KB 31ms
31ms XHR
application/javascript 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.wta.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-a1a7fb329870c6b0----1703333630147
traceparent: 00-c2dc97a01e08e9ae67d32276953a1ce0-a1a7fb329870c6b0-01
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhMWE3ZmIzMjk4NzBjNmIwIiwidHIiOiJjMmRjOTdhMDFlMDhlOWFlNjdkMzIyNzY5NTNhMWNlMCIsInRpIjoxNzAzMzMzNjMwMTQ3fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.wta.org/give/484340/
X-Requested-With: XMLHttpRequest

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 21:58:14 GMT
cf-bgj: minify
server: cloudflare
age: 10751
etag: W/"657785f6-316e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 83a08554697c5d2c-SYD
expires: Sun, 22 Dec 2024 09:14:39 GMT

POST
H2 204 collect
analytics.google.com/g/ Frame 2664 0
70 B 108ms
107ms Ping
text/plain 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-X2896S29J5&gtm=45je3bt0v868594482z872062968&_p=1703333628436&gcd=11l1l1l1l1&dma=0&cid=130673013.1703333626&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1703333626&sct=1&seg=1&dl=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F&dr=https%3A%2F%2Fwww.wta.org%2F&dt=Donate%20to%20Before%20You%20Hike%2C%20Donate%20to%20WTA&en=page_view&tfd=4743
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.wta.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status Show response
give.wta.org/sso/ Frame 2664 88 B
1 KB 920ms
920ms XHR
application/javascript 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.wta.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery3610562570894708484_1703333630142&_=1703333630143

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc813c7da1f0a26d9a379a9e3345beaa272bf1ae2c0fb30ace88cbde681c131f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-bdf0624f40dbc410----1703333630211
traceparent: 00-2558fff966417162baa08b8e0c332d70-bdf0624f40dbc410-01
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiZGYwNjI0ZjQwZGJjNDEwIiwidHIiOiIyNTU4ZmZmOTY2NDE3MTYyYmFhMDhiOGUwYzMzMmQ3MCIsInRpIjoxNzAzMzMzNjMwMjExfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.wta.org/give/484340/
X-Requested-With: XMLHttpRequest

Response headers

date: Sat, 23 Dec 2023 12:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self' https://*.classy.org;
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache, private
cf-ray: 83a08554d9b55d2c-SYD
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

I5T3ZRQJSJBB5CDQLBSTMS.js Show response
s.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/ Frame 2664
Redirect Chain

https://d.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F4...
https://s.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/I5T3ZRQJSJBB5CDQLBSTMS.js

3 KB
2 KB

4ms
4ms

Script
text/javascript

18.67.93.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/I5T3ZRQJSJBB5CDQLBSTMS.js
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: HTTP/1.1
Server: 18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-14.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6387f0117d25827d43301b00a292c6ab26d0deca579415e512e57952eb16d03c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: pLA7LAuziTJLfZcq4MoqNrCsK_qQpByn
Content-Encoding: gzip
Via: 1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
Date: Sat, 23 Dec 2023 12:13:48 GMT
Age: 2
X-Amz-Cf-Pop: SYD62-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 21 Dec 2023 11:01:41 GMT
Server: AmazonS3
Etag: W/"db55f43110200a0d19bb857f9ea431e0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: sE0yWW-dMFM3NZIPMGEY6M_attWPxX_u9HSud2dBot1BIv4Wz3QWLg==

Redirect headers

date: Sat, 23 Dec 2023 12:13:50 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: p
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.22.1
x-rule: *
x-segment-eid: I5T3ZRQJSJBB5CDQLBSTMS
location: https://s.adroll.com/pixel/2TG3XTR6EVDYDA5AVXLEFZ/6HR7GZHSUVCVZHT63Z2H3U/I5T3ZRQJSJBB5CDQLBSTMS.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: 6HR7GZHSUVCVZHT63Z2H3U
x-segment-name: *
x-advertisable-eid: 2TG3XTR6EVDYDA5AVXLEFZ
x-conversion-currency

GET
H2 200 payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html Show response
js.stripe.com/v3/ Frame 8CED 408 B
979 B 17ms
17ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

759813d8a110733c43a0ffa3f09f267f94df572b482fd7bc050c66edabedc8e9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.wta.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 54076
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 12:13:50 GMT
etag: "195e55d1b52949b175298b3e54db37fd"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1115
x-content-type-options: nosniff
x-request-id: edeac179-829c-439e-81fe-48239f9e18c3
x-served-by: cache-bne12527-BNE

GET
H2 200 payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html Show response
js.stripe.com/v3/ Frame A6AA 344 B
1 KB 16ms
16ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ed239f990af2e4be1964ed4f17fe93eb53315dd9590386a241d2325b376f196d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.wta.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 12:13:50 GMT
etag: "434e8078d5c09b7f511e68744cf1c8cd"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 7d3fc706-d173-45ee-9dd5-bdda3d34a09b
x-served-by: cache-bne12527-BNE

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame C034 159 KB
57 KB 432ms
0ms Script
text/javascript 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrggnGfTFx3XyHaDNbms4pfQ_DmHyg/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

sffe /

Resource Hash

51bf499751a19c673124ea1e650359f15dd39f753aa223d2b7e2b68a65dcbd36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57332
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 13:07:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 01:15:21 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 156ms
156ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:50 GMT
x-stripe-server-envoy-start-time-us: 1703333630354782
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703333630354221
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 155ms
154ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:50 GMT
x-stripe-server-envoy-start-time-us: 1703333630356981
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703333630356567
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 165ms
153ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:50 GMT
x-stripe-server-envoy-start-time-us: 1703333630369486
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703333630369302
access-control-allow-credentials: true
content-length: 0

POST
H2 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame C034 2 KB
2 KB 214ms
203ms Other
text/html 64.233.170.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f92.1e100.net
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame 5CB2 159 KB
56 KB 415ms
0ms Script
text/javascript 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

sffe /

Resource Hash

51bf499751a19c673124ea1e650359f15dd39f753aa223d2b7e2b68a65dcbd36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57332
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 13:07:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 01:15:21 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ Frame 3EA0 19 B
468 B 264ms
264ms XHR
application/json 54.192.150.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/470d23904020258879cef09100c24692.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-73.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 23:27:18 GMT
via: 1.1 c76b6f80cec204bcd24e411dd51125fc.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
age: 6612392
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: ugMsHsi8sWQNd3XXbl5vtHjGRJH65fwwQ5YhWFkPSj4lC_WhnoZ7Kg==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ Frame 3EA0 19 B
470 B 263ms
262ms XHR
application/json 13.227.254.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/470d23904020258879cef09100c24692.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-86.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 18:50:31 GMT
via: 1.1 3c724fc8704aec61a7bab068ccd978fe.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 7579400
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: 7OD2k19F5wNZfCmku6SIFROZvgXPAIPObi0KK7EX0nYAty6ZVnQA8Q==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 8CED 120 KB
36 KB 160ms
160ms Script
application/javascript 64.233.170.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f92.1e100.net

Software

ESF /

Resource Hash

f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6zWg34AK1jNuc8NSTJxFeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6zWg34AK1jNuc8NSTJxFeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 23 Dec 2023 12:13:50 GMT

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8CED 531 KB
130 KB 19ms
19ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:50 GMT
via: 1.1 varnish
age: 54137
x-cache: HIT
content-length: 132620
x-request-id: 3bfed99d-080e-45de-ae90-c048c1fb09cc
x-served-by: cache-bne12527-BNE
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Fastly
etag: "cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27595

GET
H2 200 payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8CED 12 KB
5 KB 21ms
20ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

473efdf61f08fc2ad04df7be0d974c921dea47ac2ea5c6b848a75f6b5db1da73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:50 GMT
via: 1.1 varnish
age: 140083
x-cache: HIT
content-length: 5076
x-request-id: e7538b0f-779a-4952-bdd1-741affa4ab45
x-served-by: cache-bne12527-BNE
last-modified: Thu, 21 Dec 2023 21:05:35 GMT
server: Fastly
etag: "c1a7d86250f7fde747d6585463beef22"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2936

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A6AA 531 KB
130 KB 19ms
18ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:50 GMT
via: 1.1 varnish
age: 54137
x-cache: HIT
content-length: 132620
x-request-id: a849e4d3-cdde-45e1-ac08-29d54f407ce7
x-served-by: cache-bne12527-BNE
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Fastly
etag: "cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27596

GET
H2 200 payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A6AA 13 KB
6 KB 19ms
18ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:50 GMT
via: 1.1 varnish
age: 150806
x-cache: HIT
content-length: 5654
x-request-id: 1d7a8bdb-dc9d-4da5-90b6-d9a3c6867478
x-served-by: cache-bne12527-BNE
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Fastly
etag: "9d64070358354c97251ee8d4e282ba7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8210

POST
H2 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 5CB2 2 KB
2 KB 195ms
194ms Other
text/html 64.233.170.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f92.1e100.net
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
BLOB 200
OK 46d5f075-1a0e-4305-9f20-de25ddff7b3e
https://give.wta.org/ Frame 2664 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://give.wta.org/46d5f075-1a0e-4305-9f20-de25ddff7b3e
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

POST
H2 200 csp-report
q.stripe.com/ Frame 8CED 0
717 B 159ms
157ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333630413451
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333630412522
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8CED 0
717 B 156ms
154ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333630413181
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333630412577
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A6AA 0
717 B 157ms
156ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333630414329
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333630413587
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A6AA 0
717 B 154ms
154ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333630414064
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703333630413625
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame D7CA 156 B
669 B 155ms
155ms XHR
application/json 44.228.215.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-215-240.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c6a65653335f38d5a95cf4c7e26b7684ed81593c1dce1c58e98cb9dfe9816e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333630445810
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1703333630445499
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame D7CA 156 B
669 B 203ms
201ms XHR
application/json 44.228.215.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-215-240.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c6a65653335f38d5a95cf4c7e26b7684ed81593c1dce1c58e98cb9dfe9816e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333630495957
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1703333630495694
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 156ms
154ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:50 GMT
x-stripe-server-envoy-start-time-us: 1703333630471737
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703333630471616
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/events/1/ Frame 2664 24 B
400 B 224ms
223ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1.249.0&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=4973&ck=0&s=38b18a023a555570&ref=https://give.wta.org/give/484340/
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://give.wta.org/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 23 Dec 2023 12:13:50 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://give.wta.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 83a085563b57a801-SYD
Content-Length: 24

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ Frame 2664 8 KB
3 KB 6ms
5ms Script
text/javascript 18.67.93.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-14.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: kaomAQKNRR_7Pb.3Bms_Xue6LaAItEu.
Content-Encoding: gzip
Via: 1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
Date: Sat, 23 Dec 2023 12:11:13 GMT
Age: 158
X-Amz-Cf-Pop: SYD62-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 21 Jun 2023 16:22:01 GMT
Server: AmazonS3
Etag: W/"4a64112c69b3c4b3f104f38d9547a094"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: wmzutkgd3nY8Eodm9k8EZBXChXO4BEB1vRD-AvnJlGfDtC8DPNh7fg==

GET
H/1.1

200
OK

sync
x.bidswitch.net/ Frame 2664
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dt...
https://x.bidswitch.net/sync?dsp_id=44&user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

43 B
235 B

127ms
110ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=44&user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 12:13:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=44&user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 96
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 out
d.adroll.com/cm/g/ Frame 2664 42 B
535 B 182ms
176ms Image
image/gif 18.136.156.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo&advertisable=2TG3XTR6EVDYDA5AVXLEFZ
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.136.156.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-156-172.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 42
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2664
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expiration=1734869630

43 B
766 B

120ms
114ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expiration=1734869630
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBhok8mfTspsiKq6OV7zNbTCLWxMpxWt8Z%2BvE0NBffidqvVFblG2W2ivTJ%2BSzHCWcYDoCjgixsMCmWv5mrt6Ei2I5A9BGEObfXZv1XAOo0tnw2tRbGnwLRLIVlM3zbZ6t3mciOQD2VxSOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a08557ab5eaac1-SYD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expiration=1734869630
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 139
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H3

200

396846.gif
idsync.rlcdn.com/ Frame 2664
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dt...
https://idsync.rlcdn.com/377928.gif?partner_uid=1d9f14ab0823b4b2f025f6431b52178e
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=3e8e6b34-a754-4473-ab51-df52c8ba3a6e

42 B
60 B

187ms
187ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=3e8e6b34-a754-4473-ab51-df52c8ba3a6e
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:51 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Sat, 23 Dec 2023 12:13:50 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=3e8e6b34-a754-4473-ab51-df52c8ba3a6e
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2664
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dt...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expires=365

42 B
952 B

191ms
186ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expires=365
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&expires=365
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 2664
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dt...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=1d9f14ab0823b4b2f025f6431b52178e&gdpr=0&gdpr_consent=

43 B
61 B

117ms
111ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=1d9f14ab0823b4b2f025f6431b52178e&gdpr=0&gdpr_consent=
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=1d9f14ab0823b4b2f025f6431b52178e&gdpr=0&gdpr_consent=
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 108
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 2664
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=&us_privacy=1---

0
287 B

161ms
156ms

Image
text/plain

66.225.223.95
NTTA-3946

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: HTTP/1.1
Server: 66.225.223.95 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 12:13:50 GMT
Cache-Control: no-cache
X-TraceId: 02b1dd81de0a8017a661bb3511f4db81
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=&us_privacy=1---
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 137
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2664
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
391 B

192ms
186ms

Image
image/gif

207.65.33.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Server: 207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/ Frame 2664
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dt...
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
310 B

189ms
182ms

Image
text/plain

13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Server

13.228.126.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 169
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/ Frame 2664
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3F...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

0
366 B

189ms
184ms

Image
text/plain

141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 179191

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/ Frame 2664
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout...
https://eb2.3lift.com/xuid?mid=4714&xuid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&dongle=c85e

37 B
354 B

96ms
95ms

Image
image/gif

35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4714&xuid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&dongle=c85e
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4714&xuid=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&dongle=c85e
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 102
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

setuid
ib.adnxs.com/ Frame 2664
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230&pv=17108775520.064934&arrfrr=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dt...
https://ib.adnxs.com/setuid?entity=172&code=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

43 B
860 B

184ms
184ms

Image
image/gif

103.43.90.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Server

103.43.90.53 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
an-x-request-uuid: c7c2fbc1-0b9e-4ac8-bf93-66f12fb863e0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 66.203.112.162; 66.203.112.162; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/setuid?entity=172&code=MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU
pragma: no-cache
date: Sat, 23 Dec 2023 12:13:50 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 93
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame D797 19 KB
8 KB 184ms
171ms Document
text/html 64.233.170.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f92.1e100.net

Software

ESF /

Resource Hash

d6ad4ff28e8f0e188b3906055cc809447d8a245ee22715cc9715f922bbf3ef68

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WAy-yU_oCs2yZNhWf8X65Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WAy-yU_oCs2yZNhWf8X65Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 23 Dec 2023 12:13:50 GMT
expires: Sat, 23 Dec 2023 12:13:50 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 d9b6b28e3d84db3e4c966a5cf73af402.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ Frame 2664 20 KB
8 KB 9ms
9ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/d9b6b28e3d84db3e4c966a5cf73af402.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Dec 2023 11:44:16 GMT
server: cloudflare
age: 87764
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a085575bd2573e-SYD
content-length: 8025

GET
H2 200 781bc412f56e01faa636bd8b5d50f169.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ Frame 2664 94 KB
30 KB 39ms
14ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/781bc412f56e01faa636bd8b5d50f169.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 678c0bf2781144577d5db7cf03a4fa016b90e1d22d2a0249e3ed88b20a9fdf98

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Dec 2023 11:44:13 GMT
server: cloudflare
age: 87764
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a08557ac01573e-SYD
content-length: 30686

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIA... Frame C034 73 KB
27 KB 32ms
9ms Script
text/javascript 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgA0Ag7BGPPJwYUBV79paovzI37tQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrggnGfTFx3XyHaDNbms4pfQ_DmHyg/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

sffe /

Resource Hash

aeb652b78321c44ec942fe266f5a17cf8df9b3ac211575a05a59ceb2e9b7d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27246
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 16:21:23 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame D797 159 KB
56 KB 10ms
5ms Script
text/javascript 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

sffe /

Resource Hash

51bf499751a19c673124ea1e650359f15dd39f753aa223d2b7e2b68a65dcbd36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57332
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 13:07:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 01:15:21 GMT

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIA... Frame 5CB2 73 KB
27 KB 10ms
9ms Script
text/javascript 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

sffe /

Resource Hash

aeb652b78321c44ec942fe266f5a17cf8df9b3ac211575a05a59ceb2e9b7d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27246
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 16:21:23 GMT

POST
H2 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame D797 2 KB
2 KB 199ms
193ms Other
text/html 64.233.170.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.wta.org
URL: https://www.wta.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f92.1e100.net
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 158ms
155ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:50 GMT
x-stripe-server-envoy-start-time-us: 1703333630873036
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703333630872361
access-control-allow-credentials: true
content-length: 0

GET
H2 200 pay Show response
pay.google.com/gp/p/ui/ Frame C034 1 MB
377 KB 180ms
177ms XHR
text/html 64.233.170.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f92.1e100.net

Software

ESF /

Resource Hash

ebd30bdfe1071441b756d099179e0174c70d21ff6e4476f7a484946fa42fae3e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RdvT0e0WAHAFgK7QDHwLWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RdvT0e0WAHAFgK7QDHwLWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 23 Dec 2023 12:13:50 GMT

GET
H2 200 pay Show response
pay.google.com/gp/p/ui/ Frame 5CB2 1 MB
376 KB 199ms
199ms XHR
text/html 64.233.170.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f92.1e100.net

Software

ESF /

Resource Hash

a5d35ef4f0f4057a020f041a10f2615045792458e835b10afb43c006c9040943

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-11raJYehe5mDSuSuDdyJIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-11raJYehe5mDSuSuDdyJIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 23 Dec 2023 12:13:50 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIA... Frame C034 9 KB
4 KB 9ms
3ms Script
text/javascript 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgA0Ag7BGPPJwYUBV79paovzI37tQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

sffe /

Resource Hash

321ece339bc501c3ccf8e6efae0f0ceba66b87667ea5dbbd3a44a795f21cf44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3735
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 02:31:05 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIA... Frame C034 37 KB
14 KB 8ms
2ms Script
text/javascript 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgA0Ag7BGPPJwYUBV79paovzI37tQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

sffe /

Resource Hash

8479e373905a24b0dc0efb290d9de9d2e2ed2ccadf74826b4ab6c2cc2ff56099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 14:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14274
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 14:23:27 GMT

POST
H2 200 log Show response
play.google.com/ Frame C034 131 B
196 B 867ms
173ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 540ms
136ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame C034 131 B
196 B 871ms
172ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 534ms
133ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 536ms
139ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame C034 131 B
196 B 862ms
175ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 519ms
134ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame C034 131 B
196 B 870ms
171ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 522ms
140ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame C034 131 B
426 B 857ms
170ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIA... Frame D797 73 KB
27 KB 3ms
3ms Script
text/javascript 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

sffe /

Resource Hash

aeb652b78321c44ec942fe266f5a17cf8df9b3ac211575a05a59ceb2e9b7d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27246
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 16:21:23 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIA... Frame 5CB2 9 KB
4 KB 2ms
2ms Script
text/javascript 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgA0Ag7BGPPJwYUBV79paovzI37tQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

sffe /

Resource Hash

321ece339bc501c3ccf8e6efae0f0ceba66b87667ea5dbbd3a44a795f21cf44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3735
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 02:31:05 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIA... Frame 5CB2 37 KB
14 KB 3ms
3ms Script
text/javascript 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgA0Ag7BGPPJwYUBV79paovzI37tQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

sffe /

Resource Hash

8479e373905a24b0dc0efb290d9de9d2e2ed2ccadf74826b4ab6c2cc2ff56099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 14:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14274
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 14:23:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 497ms
138ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 5CB2 131 B
196 B 862ms
173ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 494ms
138ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 5CB2 131 B
196 B 863ms
174ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 492ms
138ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 488ms
137ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 489ms
140ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 5CB2 131 B
196 B 862ms
173ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 log Show response
play.google.com/ Frame 5CB2 131 B
196 B 862ms
172ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 log Show response
play.google.com/ Frame 5CB2 131 B
196 B 860ms
173ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 483ms
138ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame C034 131 B
196 B 860ms
172ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 156ms
155ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:51 GMT
x-stripe-server-envoy-start-time-us: 1703333631013576
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703333631013154
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 471ms
142ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 5CB2 131 B
196 B 857ms
171ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 155ms
155ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:51 GMT
x-stripe-server-envoy-start-time-us: 1703333631029168
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703333631028928
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 157ms
155ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:51 GMT
x-stripe-server-envoy-start-time-us: 1703333631038379
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703333631038222
access-control-allow-credentials: true
content-length: 0

GET
H2 200 pay Show response
pay.google.com/gp/p/ui/ Frame D797 1 MB
377 KB 310ms
310ms XHR
text/html 64.233.170.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f92.1e100.net

Software

ESF /

Resource Hash

c174ae41679451563a26607b6729e3ae6799b434e49e8f38aaf528c896349b9e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-oaU4fXDP9QHFTfYZd7R8-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-oaU4fXDP9QHFTfYZd7R8-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 23 Dec 2023 12:13:51 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 165ms
162ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:51 GMT
x-stripe-server-envoy-start-time-us: 1703333631061526
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703333631061180
access-control-allow-credentials: true
content-length: 0

GET
H2 200 GooglePay-logo.svg
give.wta.org/static/global/images/digitalWallets/ Frame 2664 3 KB
1 KB 29ms
27ms Image
image/svg+xml 104.18.124.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.wta.org/static/global/images/digitalWallets/GooglePay-logo.svg

Requested by

Host: www.wta.org
URL: https://www.wta.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.124.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/give/484340/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:06:14 GMT
server: cloudflare
age: 1462567
etag: W/"655e9776-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 83a08559cdd85d2c-SYD
expires: Thu, 05 Dec 2024 13:57:44 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 164ms
150ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:51 GMT
x-stripe-server-envoy-start-time-us: 1703333631088549
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703333631088359
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIA... Frame D797 9 KB
4 KB 7ms
0ms Script
text/javascript 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgA0Ag7BGPPJwYUBV79paovzI37tQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

sffe /

Resource Hash

321ece339bc501c3ccf8e6efae0f0ceba66b87667ea5dbbd3a44a795f21cf44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3735
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 02:31:05 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIA... Frame D797 37 KB
14 KB 6ms
0ms Script
text/javascript 172.217.167.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.YdcqkS5vMbo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgA0Ag7BGPPJwYUBV79paovzI37tQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f3.1e100.net

Software

sffe /

Resource Hash

8479e373905a24b0dc0efb290d9de9d2e2ed2ccadf74826b4ab6c2cc2ff56099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 14:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14274
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 14:23:27 GMT

POST
H2 200 log Show response
play.google.com/ Frame D797 131 B
196 B 731ms
171ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 537ms
273ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame D797 131 B
196 B 859ms
171ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 398ms
139ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame D797 131 B
196 B 876ms
178ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 392ms
135ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame D797 131 B
196 B 864ms
173ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 389ms
136ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame D797 131 B
196 B 864ms
174ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 389ms
137ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame D797 131 B
196 B 862ms
172ms XHR
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 12:13:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 371ms
137ms Preflight
text/plain 172.217.167.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 159ms
157ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:51 GMT
x-stripe-server-envoy-start-time-us: 1703333631126417
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703333631125739
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 524F 0
273 B 156ms
156ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 12:13:51 GMT
x-stripe-server-envoy-start-time-us: 1703333631132009
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703333631131706
access-control-allow-credentials: true
content-length: 0

POST
H2 204 collect
analytics.google.com/g/ Frame 2664 0
54 B 105ms
104ms Ping
text/plain 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-X2896S29J5&gtm=45je3bt0v868594482&_p=1703333628436&gcd=11l1l1l1l1&dma=0&cid=130673013.1703333626&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1703333626&sct=1&seg=1&dl=https%3A%2F%2Fgive.wta.org%2Fgive%2F484340%2F&dr=https%3A%2F%2Fwww.wta.org%2F&dt=Donate%20to%20Before%20You%20Hike%2C%20Donate%20to%20WTA&en=scroll&epn.percent_scrolled=90&tfd=5688
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 12:13:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.wta.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame D7CA 156 B
669 B 155ms
154ms XHR
application/json 44.228.215.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-215-240.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c6a65653335f38d5a95cf4c7e26b7684ed81593c1dce1c58e98cb9dfe9816e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sat, 23 Dec 2023 12:13:53 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703333633387617
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1703333633387084
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2664 176 B
428 B 14ms
13ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://give.wta.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 12:13:54 GMT
via: 1.1 varnish
age: 150802
x-cache: HIT
content-length: 127
x-request-id: e6e39408-92be-4767-a832-42aa10b1f733
x-served-by: cache-bne12527-BNE
last-modified: Thu, 21 Dec 2023 18:13:43 GMT
server: Fastly
etag: "96f5b26d366f47393b3ff36fe7471474"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20456

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.wta.org/	1970-01-21 01:54:29	Name: popform-winter-appeal-2023 Value: 1
.classy.org/	1970-01-20 17:08:55	Name: __cf_bm Value: HCx05VaHuJamOspkJjjB0N76L2_lvKUaMgzvPS25kvU-1703333625-1-AQOVC4Yt3FOcHMW0SK9CRDwMtEYS0yMrgsCPOdBka6yZt5wHQLqJpacnBePOoa7b7rn22jlec9Nyqn+SEtUIGNI=
.classy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: bb4WSlrcrUdFShYaj.RfEWm9rf4PPoijyGQ2l92Ith8-1703333625438-0-604800000
.wta.org/	1970-01-20 17:10:20	Name: _gid Value: GA1.2.1015370408.1703333626
.wta.org/	1970-01-20 17:08:53	Name: _gat_UA-2999782-1 Value: 1
.wta.org/	1970-01-20 19:18:29	Name: _fbp Value: fb.1.1703333626490.572669952
.wta.org/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.wta.org/	1969-12-31 23:59:59	Name: cebs Value: 1
.www.wta.org/	1970-01-21 01:54:51	Name: __adroll_fpc Value: 3f5d429e7c0d612969ae019303c78ceb-1703333627256
give.wta.org/	1970-01-21 02:44:53	Name: connect.sid Value: s%3AK02QyZqJ0N4fbX7VTH7sVvL0XwzeF1q-.o43mgIjAiK79IOiYEdv7JJSJrecuI1AdjqQeNDQsJjo
.give.wta.org/	1970-01-20 17:08:55	Name: __cf_bm Value: Rzgbq67VnMaglX6p59T3icjt3oD3pFRa2qKjHtcXyn4-1703333627-1-ARCynEQfK0X+jUG2YBF5GAHDC5o7wiHX1KR0xhd+IrQVEOi0pKmHnfPySgG27+IsIBXMu1PPuox4a/rTmUYEGSY=
.give.wta.org/	1969-12-31 23:59:59	Name: __cfruid Value: 4e397673f03a55cd8a5520ca46df022398ba0c80-1703333627
.give.wta.org/	1969-12-31 23:59:59	Name: _cfuvid Value: R7aqCTwIt7e_W.rxmLuIRW.jnYiiCiJ13ShcrS3ebEs-1703333627280-0-604800000
.wta.org/	1970-01-20 17:10:20	Name: _ce.clock_event Value: 1
.www.wta.org/	1970-01-21 01:54:29	Name: __ar_v4 Value: %7C2TG3XTR6EVDYDA5AVXLEFZ%3A20240022%3A1%7C6HR7GZHSUVCVZHT63Z2H3U%3A20240022%3A1%7CI5T3ZRQJSJBB5CDQLBSTMS%3A20240022%3A1
.casalemedia.com/	1970-01-21 01:54:29	Name: CMID Value: ZYbO-O7e3J1r80YRuV1X8QAA
.casalemedia.com/	1970-01-20 19:18:29	Name: CMPS Value: 5329
.casalemedia.com/	1970-01-20 19:18:29	Name: CMPRO Value: 5329
.openx.net/	1970-01-21 01:54:29	Name: i Value: b8e42b0b-c394-4de4-aefe-97499506684b\|1703333628
.wta.org/	1970-01-20 17:10:20	Name: _ce.clock_data Value: 177%2C66.203.112.162%2C1%2Cf5ef61ca1e560a2377dfd6c236fd3eb9
.doubleclick.net/	1970-01-21 02:44:53	Name: IDE Value: AHWqTUntMNww2Q9pt9It7LsKe4rkd4dc8V7YY-FCh6pR-AYvWirc8XMiS_fFpvKfYCk
.d.adroll.com/	1970-01-21 02:37:41	Name: __adroll Value: 1d9f14ab0823b4b2f025f6431b52178e-g_1703333628-a_1703333627
.adroll.com/	1970-01-21 02:37:41	Name: __adroll_shared Value: 1d9f14ab0823b4b2f025f6431b52178e-g_1703333628-a_1703333627
.3lift.com/	1970-01-20 19:18:29	Name: tluid Value: 2990364450592234577492
.pippio.com/	1970-01-21 01:54:29	Name: did Value: JWDk8waCY5BL4V8R
.pippio.com/	1970-01-21 01:54:29	Name: didts Value: 1703333628
.pippio.com/	1970-01-20 18:35:17	Name: nnls Value:
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: x_FFRo48ge8
.youtube.com/	1970-01-20 21:28:05	Name: VISITOR_INFO1_LIVE Value: lhICcf-TCvI
.yahoo.com/	1970-01-21 01:54:51	Name: A3 Value: d=AQABBPzOhmUCEJDkq5f_97CF59KEVRgjpwYFEgEBAQEgiGWQZdww0iMA_eMAAA&S=AQAAAuLN9e5Qm7oaw32d5ex1JLo
.adnxs.com/	1970-01-20 19:18:29	Name: uuid2 Value: 5872988482954109905
.pubmatic.com/	1970-01-20 19:18:29	Name: KRTBCOOKIE_10 Value: 22808-MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&KRTB&22883-MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU&KRTB&23504-MWQ5ZjE0YWIwODIzYjRiMmYwMjVmNjQzMWI1MjE3OGU
.rubiconproject.com/	1970-01-21 01:54:29	Name: khaos Value: LQI0V3KF-13-2XVO
pixel.rubiconproject.com/	1970-01-20 19:18:29	Name: receive-cookie-deprecation Value: 1
.taboola.com/	1970-01-21 01:54:29	Name: t_gid Value: bbe88736-dfca-43b8-9375-704ae24b95b9-tuctc80547d
.taboola.com/	1970-01-21 01:54:29	Name: t_pt_gid Value: bbe88736-dfca-43b8-9375-704ae24b95b9-tuctc80547d
.analytics.yahoo.com/	1970-01-21 01:54:29	Name: IDSYNC Value: 1770~2fro
.pippio.com/	1970-01-20 18:35:17	Name: pxrc Value: CP2dm6wGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/	1970-01-21 01:54:29	Name: rmuid Value: 044eeb0a-b3a6-4a96-bf75-1dac7538e963
.linksynergy.com/	1970-01-21 01:54:29	Name: icts Value: 2023-12-23T12:13:49Z
.google.com/	1970-01-20 21:32:24	Name: NID Value: 511=qGSWPyCVwqDT4nsYU_9OJKToWIVzg84OaNSBi6wzS8nFt-VhlvR-qwNi7JiGgxa6cQGkGawKm_F6yt0VbfjHoySJBZCEXRC1fdbx3e0oFokf-jAte-HHSjkpjAJaDX0IPgJqhrcuN4BcATjKkyUyF_JFZKAc-Q8fwwyimEvKVt0
.give.wta.org/	1970-01-21 02:44:53	Name: _ga Value: GA1.3.130673013.1703333626
.give.wta.org/	1970-01-20 17:10:20	Name: _gid Value: GA1.3.1015370408.1703333626
.wta.org/	1970-01-21 02:44:53	Name: _ga Value: GA1.1.130673013.1703333626
.give.wta.org/	1970-01-21 01:54:51	Name: __adroll_fpc Value: 49ba2b9e9c2bdc4f8247eb1596958feb-1703333630230
give.wta.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: 5fpEQrNK-wxs6qtvxHZA8R_Ao52vZf3q7ZVU
m.stripe.com/	1970-01-21 02:44:53	Name: m Value: 5cbd6d06-69cd-4225-be1b-b4fd1912d3995d3d88
.give.wta.org/	1970-01-21 01:54:29	Name: __stripe_mid Value: 705dedf6-13a0-4f8a-8520-23b166ac5752bc8013
.give.wta.org/	1970-01-20 17:08:55	Name: __stripe_sid Value: cb93e84d-6cda-45e2-a946-5185d38ebe93e02500
.give.wta.org/	1970-01-21 01:54:29	Name: __ar_v4 Value: %7C2TG3XTR6EVDYDA5AVXLEFZ%3A20240022%3A1%7C6HR7GZHSUVCVZHT63Z2H3U%3A20240022%3A1%7CI5T3ZRQJSJBB5CDQLBSTMS%3A20240022%3A1
.wta.org/	1969-12-31 23:59:59	Name: cebsp_ Value: 2
.wta.org/	1970-01-21 01:54:29	Name: _ce.s Value: v~3d7de692855bf575b75e7075db8e93fc8e1b05cc~lcw~1703333628415~lva~1703333626966~vpv~0~v11.fhb~1703333628412~v11.lhb~1703333628412~v11.cs~342213~v11.s~ba0f6ad0-a18c-11ee-9151-a30964238e35~lcw~1703333630611
.rubiconproject.com/	1970-01-21 01:54:29	Name: audit Value: 1\|s2DzpzP3cGlp5vQbpLBBtFYX11LpOMn4QyZVfR8INbFrLxq/6nQ6Fe1MXuCB0EwuCfCZgJz7bp8wHTRO1/p4iGlty70eE65yR164mUDQhphJnKuoXdYGNjLZsd+yNXwy9gL3HG0vs9SmiEizumuat4ysIcz8b6XH/HVUBRw9sE4flpZHeqDEwCbyzRQDbtqQCwfRAfYnv8yyqVI1k5poNA==
.pubmatic.com/	1970-01-20 17:52:05	Name: PugT Value: 1703333630
.rlcdn.com/	1970-01-20 18:35:17	Name: pxrc Value: CPydm6wGEgUI6AcQABIFCOhHEAASBgi46wEQAg==
.adnxs.com/	1970-01-20 19:18:29	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2IlhuY5$)!]tbp8i_ipexoDI?dHvIs6KM%29DNJI9nUW]O/(]Mw<IlwSRs]O^xI]QCAGI+2o^29CB5uNCIoJd`gTD._*PlZ[C[-kX-5B'xI
give.wta.org/	1970-01-20 17:08:54	Name: XSRF-TOKEN Value: eyJpdiI6IlZHZkxzK3JvaS9hU3lnODlEU0VpbVE9PSIsInZhbHVlIjoiQkdVYWRsVkl2ZXdzVmFlOWVqTXpnRU55b2V4T2JHYmcyZnQ2cld0Y0VYc0NsZUh3eWNyZzBPSUUrdFBkcE40NW85a0JwVlBLSnVFREpVUC90K0ZrSjlHKzJ5TnkvM284Tm5aK2w2RUxvZ2lla0cvYitGa2d5WnJDWW0zSUhibXYiLCJtYWMiOiJmYmRiZjM0ZWJmODg5YjZhMTMxYWJjMmY5ODI4YzBlMDc2ZWVjMTQ3ZTZiNzVkNmIzODc0ODZjODNlMTQwNGRhIiwidGFnIjoiIn0%3D
give.wta.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IjNtNVR5cXg5MXpmdXMrRlY0YWpiU3c9PSIsInZhbHVlIjoiZ0dJdFlUdXRnOU4yYlhDRXR4YTliOGFXUDFLcG1ab1grbEJoVWYxUTN6OGdHK0g3Tk5CajlIQkZORDRMVndZUGV1MnVoOEFwMFMzTFpaNkJ2VUY5YklpZmIvNTJUT3BqakNETmxLdWJPaE4veUtacG9BajhYL1pCQ3oxMjJtYzciLCJtYWMiOiI3NTM5N2MyOTIzN2VmYTZhYzhjOTg4NGIyYjkzY2Y3M2JhZjE3MWE0ZTQyNDI1ZDY4MTBjNzU5YTZlYjAyYTNkIiwidGFnIjoiIn0%3D
.wta.org/	1970-01-21 02:44:53	Name: _ga_X2896S29J5 Value: GS1.1.1703333626.1.1.1703333631.55.0.0
.rlcdn.com/	1970-01-21 01:54:29	Name: rlas3 Value: ciwQEPfFEtGO1EyHJyvtXJ66IjnPdC6YlUT3z+JvgLM=

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://sdk.classy.org/embedded-giving.js Message: Allow attribute will take precedence over 'allowpaymentrequest'.
other	warning	URL: https://connect.facebook.net/signals/config/1556220604666536?v=2.9.138&r=stable&domain=www.wta.org(Line 137) Message: Unrecognized feature: 'attribution-reporting'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other	warning	URL: https://connect.facebook.net/signals/config/1556220604666536?v=2.9.138&r=stable&domain=www.wta.org(Line 137) Message: Unrecognized feature: 'attribution-reporting'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
assets-tracking.crazyegg.com
assets.classy.org
bam.nr-data.net
cdn.plaid.com
cdn.transcend.io
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
give.wta.org
googleads.g.doubleclick.net
htp.tokenex.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js-agent.newrelic.com
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
maps.gstatic.com
merchant-ui-api.stripe.com
notify.bugsnag.com
pagestates-tracking.crazyegg.com
pay.classy.org
pay.google.com
pippio.com
pixel.rubiconproject.com
platform.twitter.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
s.adroll.com
s7.addthis.com
script.crazyegg.com
sdk.classy.org
sessions.bugsnag.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
syndication.twitter.com
tags.rd.linksynergy.com
tracking.crazyegg.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
wta.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.gstatic.com
www.wta.org
www.youtube.com
x.bidswitch.net
103.43.90.53
104.16.123.175
104.16.56.101
104.18.124.73
104.18.197.95
104.18.36.155
104.19.148.8
104.244.42.136
104.26.8.125
107.178.254.65
108.138.246.128
13.213.81.7
13.227.254.86
13.228.126.19
141.226.229.48
142.250.66.195
142.250.66.227
142.250.67.10
142.250.67.3
142.250.71.68
142.250.71.74
142.251.175.157
142.251.221.66
142.251.221.78
151.101.2.137
151.101.64.176
151.101.66.137
157.240.8.23
157.240.8.35
162.247.241.14
172.217.167.110
172.217.167.72
172.217.167.98
172.217.167.99
172.217.24.46
172.67.71.26
18.136.156.172
18.67.111.24
18.67.93.106
18.67.93.14
192.229.237.25
198.202.176.201
207.65.33.82
23.38.129.67
34.98.64.218
34.98.67.3
35.186.205.6
35.190.88.7
35.213.12.39
35.244.154.8
35.71.178.8
44.228.215.240
52.143.247.24
54.187.119.242
54.192.150.73
64.233.170.92
66.225.223.95
69.173.158.64
02de12ee9ccd88f2bfd77f465570484f9b64a9dfa8a4478e7b8fb924d61d72c1
031790ee39c8845e9f9f206d4e32fd9fb7bfbf6b71c8dee7bd70f8546997d907
059322278854496c0f978ec03eecc022f34e8eb31ae170b3f4ccb6d3a21aae14
071f742f7dc8e2fb4b20987ac125790e37039b89ca33f8b9c6f20020d39eadc8
07ab016acca5f456bcf8a01ce9d5db3f1d3db1e89c39b2ebbd995925fc2ffb8f
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
081131a89925d539b45edffa1ec074277e34b942b89ebeaf69e8a4023e8ecc3a
098d0c70f5c83c0b2b02a8b518ebd62560ec999794b3112f79725f193783bba3
0aa71fa843d78522ae75494b3f2237bf8e6bc121ff00278264480102b26ac655
0af14e90024b9e0691b0d3d088211acaa649d2c8c5f4e65c563c71d948906be5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c6cf7bced8d3a20fb0d65244850d4da39b61791ab8d3fc85814e5be073154e9
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ce55fc3ae7a6ccd97843e6391efe0788762f803b909eae3857c5ad0add10147
11241468ecf36202cff1d14a70ac7a56ee69e77c7ee8d1835288eead918de205
14f783e8c24f58c753f06b9ced8f20119868c773e1c04a41e990ea8c856a551c
17317b7dc349951f32e31ca33e49a7405e1e60384485da472aab5225c4ccf1e6
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
17e1ff4a17c992a7599a54a65e4da2e946241d19e0dac897c2f7eca59bcb2d17
1b68b3d843d1ac6473eaad4395506a1c855cf415faea8ed7cc0bcd5dd2214b9c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a
1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035
209a98afb3dd3602c0376871569d7a7d2d1ba1b5df5c86a58a10bc7ae0f86783
22036e31a0b49bdf19ac219cb142cb1b90a108f503295b4a0d08107e3d71bd1f
24461e8609af6616b65acb3145728531e2470e8f3fef3373f8764cee4ff3d500
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
264956d1864215422fb0cf7906731f333cda073f4007ba32f1b9321ff79a9c52
27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb
27ec9be9af3315355736ddb8b8da35cf36b96ec9941f0a7c1969ea46a6704b46
29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c
2d066e10f43fa3becd5b621641887bf41b6ddddb91b25cf1169f3cd46a5db5be
3073bd17061938f0b03a1cda1ed31d8e0f4ac3c5003ad3b38d9c7e2e837eb81c
321ece339bc501c3ccf8e6efae0f0ceba66b87667ea5dbbd3a44a795f21cf44b
3268809ba48a7c060b0f6b57cc9241cc34f534635edd0eb3e28dd1ff9111f0ee
334a9391ef52196ffc91bb1f2383d3393dafa929f88947a2b80847831d095559
340c876aef112513c4a55b0e44afacb83ac744b736b831aac47481e1f7d9b0c1
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458
3d5dd28f88624d62a2f603f25a049da09e3ac24cc280d78b05f0cebd0b4bd42a
3da08c3dcadb5e8b90c703f2ca6289144b4fba54165393483b5ec77df5b32434
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40871c4d90e6b7d74324009033218131f4fbec5d8ffd37683b2a345e9cc1b1a6
42065d8a90c8f72e17d686618f1bc887b6b16676177f3d1d006d2938434a4a07
473efdf61f08fc2ad04df7be0d974c921dea47ac2ea5c6b848a75f6b5db1da73
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce1e14b246f40e57d889003c9693466af83100fb675b32259098ed57310102f
4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3078d0773f71b08d97845dd747445531743b427f5568bd4a0d8e990dd725d8
4f6ee7bfb3fd27ec5bd3805a584f365b34aacf0a1cbee38608a8aab79451e57e
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50388efc56db6341f46befd807e9db078168296f7c1ffc551d442599f6742811
51bf499751a19c673124ea1e650359f15dd39f753aa223d2b7e2b68a65dcbd36
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55f3b4cad9d21ea0ed94bf0697382a54c4cf76d74bea3525770c3bc28ed3ddcd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
577693837996a47ba6603819116fd8c1afd5a37615aa540393a7798c10bd46e0
5777733076c24888e61874c49bab3d5652a936a8effc1a473afcfd7e1c8a18ef
5a009f59a0def41582b5825a9e0947690fe91b64d45a7d2366cc5f2b7b644d8b
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
5ab04b60b674a11c7e65e398fe809e954e47f3b78a6936af8fe306a0015466ff
5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
6387f0117d25827d43301b00a292c6ab26d0deca579415e512e57952eb16d03c
6434edb4f18fe3c0eab85cd7f157099c20eacce8a4a6683737d79324281d2ade
64466f9cd697f341ccd4e774b5f839b49bc262960391a617e228da456f3bdcfd
64e0f72941d375f9836b3e87d1c1af900305471fae90b04bf085791155b62cf4
650c5dc4948895263faac430089cc0b9c05cf5704babb357d11eb86cf7d92baa
65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf
678c0bf2781144577d5db7cf03a4fa016b90e1d22d2a0249e3ed88b20a9fdf98
6c786141190cfa1b104ab04be227ae6b56595d505a36b5749ee03f3047ae4b42
6fad14bd55e0f9288370b8e98fd9dffdf19241b41919523fbef56af0b81eff63
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
70c0108cb1cfc2581cafa0adb68e67be1681494f3e0540549589e7d946fb2b4e
730e08e551242665eb3a7488da43eb422b172bb79796e543d8f9c08ceaa63899
7438e048dc7be6775abfd013639ddf9910583e02a6a322aad4248fb0f05bb714
756e1bb2b2e4de5b39227c93ba514443c67e106fdd17d41de2f4a637d058d3e8
759813d8a110733c43a0ffa3f09f267f94df572b482fd7bc050c66edabedc8e9
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7913b34e7335e9277812dab8bea796816ef66e7748a14ce02545c91172b74551
7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8
7d22a464c8b914807cefbe9b951417188ebf4429811f6e314dadbf447a09b08d
7ee2c71c181165baf4d7fce979e38e70968ed6740545d4d36e6449ef67c831fd
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b
808caae27d0a753baa1de1f3459f557ba3b3973ab020b430bade9376ca52d222
8168ac91e02a5b59b96cc1bd5c054bc3f0dd7be64b3dc5d061a75fecb0358677
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8479e373905a24b0dc0efb290d9de9d2e2ed2ccadf74826b4ab6c2cc2ff56099
863ec7f03e6be401062d3f40b76cc898e93392acd2931cfc3a07dc3d49be6b07
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
86efa66486f607feda81094783019fc5331cced0450a3e727f6459d63c9377ce
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33
872a3f7495d8b37d919bc39cc662d09e28f764ebea0e04d29baec33b6b1b4ac3
876c4a217781ebe705e4720e05b6bef97c06f6d47420d5ea9911a800b1c716ac
887944d19b85a9c09bb0ca755359ab357fda63819374562d94939c062a44d09f
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
8c5e7122f75708c26557ddae5040e01775144a018eea937a98ee7bcb4cba7a82
8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
90821453245b09d8b8a5a6ca943999a2fbd063868f6acacc73f511b625c81b7c
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
951ea2e32eb7db40a971c0eff5cf4e39626733dc7473250d7652b52fbbfca46e
96491d8a92795172d033c1d5e68497af50a6ccccd555b176060a8170076c4773
9669a10126dc3af0dfb585a7d1f1359638262289968aa7c202ad70de3371f073
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9e76357bae04c43badd4aa5bf3183e3257962b3bdab5333f98685b215a3ea7ab
9ecdad05363499dc367d4c734a7002071d80074c1a221788b8480687664ba3cd
9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
a202af601d9d1d5ea13bb36f674cd4495361ab4f9800675a77a89934db4fc1f3
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a56405c22a109163088824ad44ce36c088b209c8c8b8b5f4626107f42791fca6
a5d35ef4f0f4057a020f041a10f2615045792458e835b10afb43c006c9040943
a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f
aa8ab3549ed213236781bea0609d4f120a7c74e8c1792579d95587ba9424b258
ad813b781b5230610242f2c44a16f11b5cef83d9d64f48cce8ca9ad4143110f0
aeb652b78321c44ec942fe266f5a17cf8df9b3ac211575a05a59ceb2e9b7d146
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0122f40abc44decd9f72a8e5b8735724aecb0c35d3f85da4e3ca2cda821f785
b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b60e360f2ae30944eadcd664e512517e4d8f25d96bb7583d71fd9e3a7aaaf502
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
bc813c7da1f0a26d9a379a9e3345beaa272bf1ae2c0fb30ace88cbde681c131f
bec1d9feff1a1a3e6ae47f0e4aee818737d0527d8909efc6691b3c234ead0f7f
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
bee60fb3015667318ee5b27ba28e25b4c85f7f94b65800de7ef575ba2430e75f
bfe8327ddbede8552f3be2f68683686b2f428e7d1bd8605ee39efcc6fe486b6c
c174ae41679451563a26607b6729e3ae6799b434e49e8f38aaf528c896349b9e
c5c9a7215839dc7f5c3a42ac6dafce8474022ec9c85319ec6fce8186dfeab272
c6a65653335f38d5a95cf4c7e26b7684ed81593c1dce1c58e98cb9dfe9816e00
c704a5f550b5b7e635525221d2406e42424c29e76719291456935c9d6a3cf6f1
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccb94dc6dbcbffac37718cc3f5c3d41443dbdb2890b5cd36b9ccb14ab3819ba0
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd133f65e4b01d44b31ed450c2ded840f5a6074797571452aa74bf965b00e0f2
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cecd4957b55ef192314ac269ba6bb654b79204ce9b943ab9ddb5fa523e58b110
d6ad4ff28e8f0e188b3906055cc809447d8a245ee22715cc9715f922bbf3ef68
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d9dee7d09b56edb1c5d6f0de505ad391a1527397dc3da0a56ba1cf3e4a4753e0
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e827ddef441f784d0a70b9e2d3c880102a643de0dd2ebb2c4d39d1964ae0ff3d
ebd30bdfe1071441b756d099179e0174c70d21ff6e4476f7a484946fa42fae3e
ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7
ecebf7a357ea3b5d0d1947729fe6789c7aafce5b9d73fb375b665db378021722
ed239f990af2e4be1964ed4f17fe93eb53315dd9590386a241d2325b376f196d
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
fb5fce47dee3bb80729eb88ba515fcd5a2a13be169febe8f0ab14cfffdcdab4f
fdd3d080b3efdafd916a7f950f339082a53a3832f3d9d13577b0664abeec587a
ff2e98a7c4653bd9b2816611715b00e0898a83eececb6a1086e55ba164a67a32
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.wta.org Open in urlscan Pro 172.67.71.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

332 Requests

91 %HTTPS

0 %IPv6

40 Domains

63 Subdomains

55 IPs

5 Countries

8065 kBTransfer

25496 kBSize

60 Cookies

7 Outgoing links

Page URL History

Redirected requests

332 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wta.org Open in urlscan Pro
172.67.71.26 Public Scan

Screenshot
Live screenshot

Full Image

332
Requests

91 %
HTTPS

0 %
IPv6

40
Domains

63
Subdomains

55
IPs

5
Countries

8065 kB
Transfer

25496 kB
Size

60
Cookies

332 HTTP transactions
0 data transactions