water.org Open in urlscan Pro
104.16.24.39 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.mail8.spopessentials8.com/els/v2/Nv2RFY3LR8Mz/NVYrUTRVT2dtcUVhTnpDS0xkWldHdHdheWtZRWd4UUhPMkpabkN1cWlRcWlpdHVVY0U1R2kzQlNY...
Effective URL:
https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_cont...
Submission: On November 29 via manual (November 29th 2022, 6:56:58 pm UTC) from US — Scanned from DE

Summary HTTP 122 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 23 domains to perform 122 HTTP transactions. The main IP is 104.16.24.39, located in and belongs to CLOUDFLARENET, US. The main domain is water.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 1st 2022. Valid for: a year.

This is the only time water.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.222.214.83 52.222.214.83	16509 (AMAZON-02) (AMAZON-02)
26	104.16.24.39 104.16.24.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.16.148.64 104.16.148.64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	104.17.244.73 104.17.244.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.224.78 104.17.224.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
1	104.18.27.85 104.18.27.85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	216.239.34.178 216.239.34.178	15169 (GOOGLE) (GOOGLE)
2	143.204.89.97 143.204.89.97	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	142.251.5.156 142.251.5.156	15169 (GOOGLE) (GOOGLE)
3	34.201.80.84 34.201.80.84	14618 (AMAZON-AES) (AMAZON-AES)
16	108.138.7.103 108.138.7.103	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.20 65.9.66.20	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
3	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
3	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
2	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
1	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
4	52.217.69.238 52.217.69.238	16509 (AMAZON-02) (AMAZON-02)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
20	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	167.114.119.127 167.114.119.127	16276 (OVH) (OVH)
2	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	52.88.237.241 52.88.237.241	16509 (AMAZON-02) (AMAZON-02)
122	31

1 52.222.214.83 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-83.fra56.r.cloudfront.net

links.mail8.spopessentials8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.16.24.39 (None, )

ASN13335 (CLOUDFLARENET, US)

water.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.16.148.64 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

cdn.donately.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.244.73 (None, )

ASN13335 (CLOUDFLARENET, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.224.78 (None, )

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.27.85 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.239.34.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-97.fra50.r.cloudfront.net

pixel.locker2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.5.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.201.80.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-80-84.compute-1.amazonaws.com

b.donately.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 108.138.7.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-103.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-20.fra56.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-px963uiwkr.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.217.69.238 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.114.119.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: prd-usage-2.tjsint.net

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.88.237.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-237-241.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	stripe.com js.stripe.com — Cisco Umbrella Rank: 2411 q.stripe.com — Cisco Umbrella Rank: 20778 r.stripe.com — Cisco Umbrella Rank: 7151 m.stripe.com — Cisco Umbrella Rank: 2225	474 KB
26	water.org water.org	2 MB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 535	146 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84 region1.google-analytics.com — Cisco Umbrella Rank: 1166	64 KB
6	donately.com cdn.donately.com b.donately.com	269 KB
4	amazonaws.com s3.amazonaws.com	766 KB
3	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 ade.googlesyndication.com — Cisco Umbrella Rank: 313	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3269	674 B
3	google.com www.google.com — Cisco Umbrella Rank: 16	674 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 stats.g.doubleclick.net — Cisco Umbrella Rank: 142	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	221 KB
3	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1845 insight.adsrvr.org — Cisco Umbrella Rank: 887 match.adsrvr.org — Cisco Umbrella Rank: 454	3 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2659	17 KB
2	paypal.com www.paypal.com — Cisco Umbrella Rank: 1734 t.paypal.com — Cisco Umbrella Rank: 2378	6 KB
2	px-cloud.net collector-px963uiwkr.px-cloud.net	900 B
2	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 28473	80 KB
2	locker2.com pixel.locker2.com — Cisco Umbrella Rank: 20305	850 B
1	trackjs.com usage.trackjs.com — Cisco Umbrella Rank: 9091	229 B
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1693	235 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 939	295 B
1	fonts.net fast.fonts.net — Cisco Umbrella Rank: 3814	550 B
1	myfonts.net hello.myfonts.net — Cisco Umbrella Rank: 6604
1	spopessentials8.com 1 redirects links.mail8.spopessentials8.com	646 B
122	23

	Domain	Requested by
26	water.org	water.org cdn.donately.com
16	js.stripe.com	cdn.donately.com js.stripe.com
14	r.stripe.com	js.stripe.com
9	cdn.cookielaw.org	water.org cdn.cookielaw.org
6	q.stripe.com	water.org
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com water.org
4	s3.amazonaws.com	water.org
3	www.google.de	water.org
3	www.google.com	water.org
3	b.donately.com	cdn.donately.com water.org
3	www.googletagmanager.com	water.org www.google-analytics.com www.googletagmanager.com
3	cdn.donately.com	water.org cdn.donately.com
2	ade.googlesyndication.com	1 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	collector-px963uiwkr.px-cloud.net	cdn.donately.com
2	cdn.plaid.com	cdn.donately.com cdn.plaid.com
2	stats.g.doubleclick.net	cdn.donately.com
2	pixel.locker2.com	water.org
1	m.stripe.com	m.stripe.network
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	usage.trackjs.com
1	match.adsrvr.org	js.adsrvr.org
1	insight.adsrvr.org	1 redirects
1	t.paypal.com	water.org
1	www.paypal.com	www.paypalobjects.com
1	www.paypalobjects.com	cdn.donately.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	fast.fonts.net	water.org
1	hello.myfonts.net	water.org
1	js.adsrvr.org	water.org
1	links.mail8.spopessentials8.com	1 redirects
122	33

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.slack.com
www.nextdoor.com
www.messenger.com
www.whatsapp.com
donately.com
facebook.com
twitter.com
instagram.com
youtube.com
linkedin.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
donately.com DigiCert SHA2 Extended Validation Server CA	`2022-01-17` - `2023-01-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
www.locker2.com Amazon	`2022-09-22` - `2023-10-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
b.donately.com R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-01-11`	3 months	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2022-08-30` - `2023-09-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
*.trackjs.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-07-28` - `2023-08-11`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh

This page contains 6 frames:

Primary Page: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Frame ID: 3A19D80577CEC79A944709F5688CC7FD
Requests: 86 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
Frame ID: 6DB69297745CAA5014FB57B79EC3874B
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
Frame ID: 927064B756DC71F652999E889A6699F1
Requests: 10 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=ru6qq3d&ref=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&upid=tyd8sea&upv=1.1.0
Frame ID: 8831E2A127A5BD273D301F0A4C352D2B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 2FF966C31E54F791CF663A5C7EE19D62
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: FF28273F8D7A6D7B47AB328C711FE89B
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Health, hope, and safe water for all | Water.orgBack ButtonFilter Button

Page URL History Show full URLs

http://links.mail8.spopessentials8.com/els/v2/Nv2RFY3LR8Mz/NVYrUTRVT2dtcUVhTnpDS0xkWldHdHdheWtZRWd4UUhPMkpabkN1cWlR... HTTP 302
https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_c... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

122
Requests

98 %
HTTPS

0 %
IPv6

23
Domains

33
Subdomains

31
IPs

3
Countries

4029 kB
Transfer

8617 kB
Size

20
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/
Title: .dntly-ig-gradient-0{fill:url(#SVGID_1_);} .dntly-ig-gradient-1{fill:url(#SVGID_2_);} .dntly-ig-gradient-2{fill:#654C9F;}

Search URL Search Domain Scan URL

URL: https://www.slack.com/

Search URL Search Domain Scan URL

URL: https://www.nextdoor.com/

Search URL Search Domain Scan URL

URL: https://www.messenger.com/

Search URL Search Domain Scan URL

URL: https://www.whatsapp.com/

Search URL Search Domain Scan URL

URL: https://donately.com/?utm_source=formjs

Search URL Search Domain Scan URL

URL: http://facebook.com/water

Search URL Search Domain Scan URL

URL: http://twitter.com/water

Search URL Search Domain Scan URL

URL: http://instagram.com/water

Search URL Search Domain Scan URL

URL: http://youtube.com/water

Search URL Search Domain Scan URL

URL: http://linkedin.com/company/water-org

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.mail8.spopessentials8.com/els/v2/Nv2RFY3LR8Mz/NVYrUTRVT2dtcUVhTnpDS0xkWldHdHdheWtZRWd4UUhPMkpabkN1cWlRcWlpdHVVY0U1R2kzQlNYUEh3ZHZJYXducVZ0NXVMM1RMcjZpWmY0ck5HYmkrQ2xaWGZMTm9EMjhFUnhIZWdOTzA9S0/QnRvTFNMaXpkeklKZjNCUCtRYmt6dHlJT0JNSkdrK1c1bUc1Mk04Q05mUDEyMS96UHA3clA0eXYwY0puekVvQUdCUWhuUHA3ajkrZU9DK0FTRlY5S0dPQStHS2pTQnJBK3VLYU1Ocmk0d2c9S0 HTTP 302
https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106

https://insight.adsrvr.org/track/up?adv=ru6qq3d&ref=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&upid=tyd8sea&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=ru6qq3d&ref=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&upid=tyd8sea&upv=1.1.0

Request Chain 117

https://ade.googlesyndication.com/ddm/activity/src=8250794;type=globa0;cat=water0;ord=9801642559314;gtm=2odb90;gcs=G100;gdid=dYWJhMj;~oref=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2 HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=8250794;dc_pre=CP7a9OiI1PsCFVJDHgIdF3AIzg;type=globa0;cat=water0;ord=9801642559314;gtm=2odb90;gcs=G100;gdid=dYWJhMj;~oref=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2

122 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
water.org/end-of-year-campaign-2022/
Redirect Chain

http://links.mail8.spopessentials8.com/els/v2/Nv2RFY3LR8Mz/NVYrUTRVT2dtcUVhTnpDS0xkWldHdHdheWtZRWd4UUhPMkpabkN1cWlRcWlpdHVVY0U1R2kzQlNYUEh3ZHZJYXducVZ0NXVMM1RMcjZpWmY0ck5HYmkrQ2xaWGZMTm9EMjhFUnhIZW...
https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=M...

25 KB
7 KB

742ms
697ms

Document
text/html

104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1439e4bfba496b280c58854b4ed4e74be92993a0f7699164f8822b3db5ea1dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300
cf-cache-status: MISS
cf-ray: 771d90c85e5ebb8b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 18:56:50 GMT
expires: Tue, 29 Nov 2022 19:01:50 GMT
last-modified: Tue, 29 Nov 2022 18:56:50 GMT
referrer-policy: same-origin
server: cloudflare
vary: Cookie, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 29 Nov 2022 18:56:49 GMT
Via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: H6N8bP_vgov4Y1TG8gyUy3VSIOzvd_YXOF6K-sd37RFk9tJSR3hCxQ==
X-Amz-Cf-Pop: FRA56-P3
X-Cache: Miss from cloudfront
content-language: de-DE
location: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November 29, 2022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
server: istio-envoy
x-envoy-upstream-service-time: 2

GET
H2 200 water_org.4c5cf6a68ad7.css
water.org/static/css/ 151 KB
23 KB 38ms
37ms Stylesheet
text/css 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 747c8872c7043febfb6f1439aa3d9f00ebfc54da9303a43c3d4f0ed2b9b59e61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:50 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 28 Nov 2022 17:30:44 GMT
server: cloudflare
age: 9623
cf-polished: origSize=198417
etag: W/"6384f044-30711"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 771d90ccb8fabb8b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.1.1.min.e071abda8fe6.js Show response
water.org/static/js/ 85 KB
30 KB 36ms
35ms Script
application/javascript 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/js/jquery-3.1.1.min.e071abda8fe6.js
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9acdfd48e0cae6ac8f391a297dceac1712ed304c51f7ba70ea4321f5344be829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:50 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
age: 9623
cf-polished: origSize=86709
etag: W/"600f0354-152b5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 771d90ccb905bb8b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wo_bootstrap.b3bcde536104.css
water.org/static/css/ 26 KB
3 KB 555ms
554ms Stylesheet
text/css 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/css/wo_bootstrap.b3bcde536104.css
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe17d49ac474429ac6c940ce41aed5a2455d285118bc9b57561ddb627037a68b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 16 Feb 2021 19:58:49 GMT
server: cloudflare
etag: W/"602c23f9-66f3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 771d90ccb902bb8b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 72ms
54ms Script
application/javascript 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 29 Nov 2022 18:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bKkFjZE43AfZo3jm8gqLew==
age: 71864
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Fri, 25 Nov 2022 09:17:45 GMT
server: cloudflare
etag: 0x8DACEC5E9C800F3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 205f9382-f01e-0007-272b-012e63000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 771d90ccdbec9208-FRA

GET
H2 200 Waterorg_FY23_EOY_Img-1-RV4.original.jpg
water.org/media/images/ 239 KB
239 KB 649ms
648ms Image
image/jpeg 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://water.org/media/images/Waterorg_FY23_EOY_Img-1-RV4.original.jpg
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2f40b237af74c2c6031f62ba9774503a783bfab0fc2dce9b5a27a75ee534080

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
cf-cache-status: MISS
last-modified: Wed, 16 Nov 2022 15:06:30 GMT
server: cloudflare
etag: "6374fc76-3ba27"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 771d90d0395ebb8b-FRA
content-length: 244263

GET
H2 200 donately.min.js Show response
cdn.donately.com/core/5.5/ 679 KB
189 KB 983ms
910ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.donately.com/core/5.5/donately.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

22c56890296a2208aa6bbfb8ab0f079b0ba4c37310eaa4f6f1c7095709abcfeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Nov 2022 18:56:51 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31557600; includeSubdomains
x-amz-request-id: EXGHRZ4NQM4MRXCP
age: 0
x-cache: MISS
content-length: 192797
x-amz-id-2: kGRZT9/AkScQ7nyoj+orkSmtv6v9RlKc4GX/OXsjPRLAanTgJuGRy1BEDkBtAvwRIHdsuogQRTQ=
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4061-HHN
referrer-policy: origin-when-cross-origin
last-modified: Mon, 18 Apr 2022 11:55:58 GMT
server: AmazonS3
x-timer: S1669748211.868073,VS0,VE903
etag: "d563a41911c785bf25c91c66e91c1801"
expect-ct: max-age=86400; report-uri='https://donately.report-uri.io/r/default/ct/reportOnly'
vary: Accept-Encoding
content-type: application/javascript
x-download-options: noopen
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 Waterorg_FY23_EOY_Img-2.original.jpg
water.org/media/images/ 323 KB
324 KB 659ms
657ms Image
image/jpeg 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://water.org/media/images/Waterorg_FY23_EOY_Img-2.original.jpg
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1eba4459deb7d09d5124b02027a94bbd3bcba87b8567418b4f573d608343f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 15 Nov 2022 14:15:37 GMT
server: cloudflare
etag: "63739f09-50c43"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 771d90d03960bb8b-FRA
content-length: 330819

GET
H2 200 Waterorg_FY23_EOY_Img-3.original.jpg
water.org/media/images/ 122 KB
122 KB 675ms
674ms Image
image/jpeg 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://water.org/media/images/Waterorg_FY23_EOY_Img-3.original.jpg
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 695073d761566f2eea9cc9363063ae1f6e2ab5e123add94249c5407e47c89b9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 14:15:38 GMT
server: cloudflare
etag: "63739f0a-1e68e"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 771d90d03962bb8b-FRA
content-length: 124558

GET
H2 200 Waterorg_FY23_EOY_Img-4.original.jpg
water.org/media/images/ 348 KB
349 KB 650ms
649ms Image
image/jpeg 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://water.org/media/images/Waterorg_FY23_EOY_Img-4.original.jpg
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05282053e4ee87cbf8fa06acc557f8f453e24d54a8836fa5d718d4c0ea48d10a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 14:15:38 GMT
server: cloudflare
etag: "63739f0a-5704c"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 771d90d03970bb8b-FRA
content-length: 356428

GET
H2 200 email-decode.min.js Show response
water.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
790 B 9ms
9ms Script
application/javascript 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://water.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Nov 2022 13:35:09 GMT
server: cloudflare
etag: W/"637cd00d-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 771d90d0293cbb8b-FRA
expires: Thu, 01 Dec 2022 18:56:51 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 28ms
6ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 23:31:36 GMT
Content-Encoding: gzip
Via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 69916
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: kFMCpDpuEHokl866aBmM5USebDiUNDTXYfjhDkepdIGmGiuMUaKuiw==

GET
H2 200 water_org.085a2005896f.js Show response
water.org/static/js/ 13 KB
4 KB 40ms
38ms Script
application/javascript 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/js/water_org.085a2005896f.js
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e3c7dc8d0e9740bf94a938073de9da53213b08f75173ffccf8efacc88d088dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 16 Sep 2022 21:13:06 GMT
server: cloudflare
age: 9624
cf-polished: origSize=19050
etag: W/"6324e6e2-4a6a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 771d90d03951bb8b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 magnific-popup.0152d6b2c4d0.js Show response
water.org/static/js/ 17 KB
6 KB 52ms
50ms Script
application/javascript 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/js/magnific-popup.0152d6b2c4d0.js
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cece2352087cfca9a8dc2465945fe8044c4e02c7be85ffabdcc61da7f5182230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
age: 9624
cf-polished: origSize=17837
etag: W/"600f0354-45ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 771d90d03955bb8b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.flexslider-min.713a5d55fb66.js Show response
water.org/static/js/ 22 KB
6 KB 53ms
51ms Script
application/javascript 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/js/jquery.flexslider-min.713a5d55fb66.js
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71d10da19ae1446117c850a4ad2f0f3649abafee9a8e0a5e561d013973c844f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
age: 9624
cf-polished: origSize=22334
etag: W/"600f0354-573e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 771d90d03957bb8b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js.cookie.6e9eb1f53afb.js Show response
water.org/static/js/ 3 KB
1 KB 56ms
54ms Script
application/javascript 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/js/js.cookie.6e9eb1f53afb.js
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a42bc2665485ce601662cc5273620f66a61b4a001b22b594d5acbb9cfe86bd45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
age: 9624
cf-polished: origSize=3872
etag: W/"600f0354-f20"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 771d90d0395abb8b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wow.min.36050285bfee.js Show response
water.org/static/js/ 8 KB
3 KB 51ms
49ms Script
application/javascript 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/js/wow.min.36050285bfee.js
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
age: 9624
etag: W/"600f0354-20df"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 771d90d0395bbb8b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 accordion.ff6279e8fe89.js Show response
water.org/static/js/ 3 KB
939 B 57ms
56ms Script
application/javascript 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/js/accordion.ff6279e8fe89.js
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a2015c473213831981ddada105d614405bbb66fadddb4448326e44bb80611dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 26 Jul 2022 13:55:28 GMT
server: cloudflare
age: 9624
cf-polished: origSize=4841
etag: W/"62dff250-12e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 771d90d0395dbb8b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 503 32fd5b
hello.myfonts.net/count/ 0
0 56ms
26ms Stylesheet
text/html 104.17.244.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/32fd5b
Requested by: Host: water.org
URL: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.244.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 200 1.css
fast.fonts.net/t/ 0
550 B 76ms
44ms Stylesheet
text/css 104.17.224.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=42127ea0-53f8-4242-8593-40c97f177709
Requested by: Host: water.org
URL: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.224.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:50 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: H3KT92M7NNVZGFN1
age: 380448
content-length: 0
x-amz-id-2: Y2MWW3u3vcgi0mZgJUvxVVD0PtbI7gGIAwdzPFYM8XhMIOpzDgSLZRYpBvzAuXMH50yEwq862wk=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
cf-ray: 771d90cd2fdd90dd-FRA
x-amz-meta-mtime: 1519217722

GET
H2 200 c5e49dbf-b964-490a-b796-8ca6ca53cbb2.json Show response
cdn.cookielaw.org/consent/c5e49dbf-b964-490a-b796-8ca6ca53cbb2/ 7 KB
3 KB 37ms
18ms XHR
application/x-javascript 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/c5e49dbf-b964-490a-b796-8ca6ca53cbb2/c5e49dbf-b964-490a-b796-8ca6ca53cbb2.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec4214472d1e0b9bfb9640ed2804b7d3ac7d08a5a57c4cc2afc63e7ad5a431e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Cx2uOETOGUnVvuI9nUHLGg==
age: 45517
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2187
x-ms-lease-status: unlocked
last-modified: Tue, 08 Nov 2022 16:47:47 GMT
server: cloudflare
etag: 0x8DAC1A8F78203F0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 54f9f9a4-101e-002f-5a99-f359dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 771d90d05853bb3b-FRA
expires: Wed, 30 Nov 2022 18:56:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 376 KB
103 KB 59ms
37ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLV38HP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9502881f71d42d5599e4f3d592d78d5c1a358b704c5a388e7ee46c9885c5458f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104968
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Nov 2022 18:56:51 GMT

GET
H2 200 water-org-logo.bd23a712cf69.svg
water.org/static/img/ 6 KB
2 KB 29ms
29ms Image
image/svg+xml 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://water.org/static/img/water-org-logo.bd23a712cf69.svg
Requested by: Host: water.org
URL: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 219a25d084f20da146572fdd2ee13465b3e0b7b409930e1032d0f02624c21622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/static/css/water_org.4c5cf6a68ad7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
age: 9623
etag: W/"600f0354-171f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 771d90d03973bb8b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 primary-button-background.5cfdfca170f3.svg
water.org/static/img/ 564 B
459 B 52ms
50ms Image
image/svg+xml 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://water.org/static/img/primary-button-background.5cfdfca170f3.svg
Requested by: Host: water.org
URL: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5d9b4eb898235d18fbe41036e84f32af7bd54712bcb1177de83460405f4fc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/static/css/water_org.4c5cf6a68ad7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
age: 9623
etag: W/"600f0354-234"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 771d90d03974bb8b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 primary-button-background-hover.89a231120337.svg
water.org/static/img/ 564 B
472 B 51ms
50ms Image
image/svg+xml 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://water.org/static/img/primary-button-background-hover.89a231120337.svg
Requested by: Host: water.org
URL: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 732f1e301c4e4714fce625a9298358a89f2f61bf5c04c948b87fa5aa841cd83e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/static/css/water_org.4c5cf6a68ad7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
age: 9623
etag: W/"600f0354-234"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 771d90d03977bb8b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Waterorg_FY23-EOY_Header-RV5.original.jpg
water.org/media/images/ 473 KB
473 KB 667ms
666ms Image
image/jpeg 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://water.org/media/images/Waterorg_FY23-EOY_Header-RV5.original.jpg
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59bc6e8d1968a370b8466d220e52d2e995fab04963151ba428f62e4d64209f48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
cf-cache-status: MISS
last-modified: Wed, 16 Nov 2022 14:26:28 GMT
server: cloudflare
etag: "6374f314-76351"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 771d90d0397abb8b-FRA
content-length: 484177

GET
H2 200 32FD5B_0_0.2685c18f28a5.woff2
water.org/static/fonts/mark-pro/ 29 KB
29 KB 49ms
48ms Font
application/octet-stream 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/fonts/mark-pro/32FD5B_0_0.2685c18f28a5.woff2
Requested by: Host: water.org
URL: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5014cc02a7f7a13f8b87a142df83dd4fdf550e0e4ac6457972f0bbe87d4b5e9

Request headers

Referer: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Origin: https://water.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
age: 90
etag: "600f0354-74d9"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 771d90d0397bbb8b-FRA
content-length: 29913
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 32FD5B_6_0.78916d67c489.woff2
water.org/static/fonts/mark-pro/ 29 KB
29 KB 76ms
75ms Font
application/octet-stream 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/fonts/mark-pro/32FD5B_6_0.78916d67c489.woff2
Requested by: Host: water.org
URL: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0f46d0b1281742fd99e2a372327c076ea1ac9b7f5be38625f49e8cbb18993d8

Request headers

Referer: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Origin: https://water.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
age: 90
etag: "600f0354-7337"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 771d90d0397fbb8b-FRA
content-length: 29495
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 32FD5B_1_0.ca3cff21371b.woff2
water.org/static/fonts/mark-pro/ 29 KB
29 KB 51ms
50ms Font
application/octet-stream 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/fonts/mark-pro/32FD5B_1_0.ca3cff21371b.woff2
Requested by: Host: water.org
URL: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42938a1ab0f52ebf0832edff778ad471032f662ffc99ba01cf8bfe8ffed4bf0

Request headers

Referer: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Origin: https://water.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
age: 90
etag: "600f0354-752d"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 771d90d03981bb8b-FRA
content-length: 29997
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 32FD5B_4_0.8ab66dfa07ae.woff2
water.org/static/fonts/mark-pro/ 31 KB
31 KB 600ms
600ms Font
application/octet-stream 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/fonts/mark-pro/32FD5B_4_0.8ab66dfa07ae.woff2
Requested by: Host: water.org
URL: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b342deea15166d46b81a19b19ada253a83949b90c8b63547b0d9b7498b2d79c5

Request headers

Referer: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Origin: https://water.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
etag: "600f0354-7b11"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 771d90d03984bb8b-FRA
content-length: 31505
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 315eba9a-1de1-4947-9e48-e36be51ceaf9.36806e8a8c4c.woff2
water.org/static/fonts/univers/ 17 KB
17 KB 549ms
549ms Font
application/octet-stream 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/fonts/univers/315eba9a-1de1-4947-9e48-e36be51ceaf9.36806e8a8c4c.woff2
Requested by: Host: water.org
URL: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ac5a5e397736742ade8861193a4af6f4b395a15651f6d0f6703cb483ac82077

Request headers

Referer: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Origin: https://water.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
etag: "600f0354-4508"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 771d90d03988bb8b-FRA
content-length: 17672
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 57ms
38ms XHR
application/json 104.18.27.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.27.85 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 771d90d08b1dbb8c-FRA
access-control-allow-headers: Content-Type

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 109 KB
43 KB 37ms
15ms Script
application/javascript 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-K3FTM4H

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLV38HP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02107a5cc81d7b26a29598d5ab0579e164e6ff9df44f13c388a316e41938cde9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43998
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Nov 2022 18:56:51 GMT

GET
H2 200 gXmQwhgbAW2xjmwN6.png
pixel.locker2.com/image/ 68 B
415 B 91ms
8ms Image
image/png 143.204.89.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.locker2.com/image/gXmQwhgbAW2xjmwN6.png?gtmcb=1681287961
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-97.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 05:22:06 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified: Tue, 17 Dec 2019 16:10:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 567286
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 68
x-amz-cf-id: CQNooBf912jXP09aL0n4_hyVQu9jph-XKCeFMzkWP2Jg2eCMKoe_3A==

GET
H2 200 Qit8wBGtPKqiqE9tW.png
pixel.locker2.com/image/ 68 B
435 B 90ms
8ms Image
image/png 143.204.89.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.locker2.com/image/Qit8wBGtPKqiqE9tW.png
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-97.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 22:04:53 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified: Mon, 13 Jan 2020 17:28:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 593519
etag: "e679fbd466a2d656f194a5da4fa083cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 68
x-amz-cf-id: TASYeXdsPyYHVWu0d_KXZf2_K0-0OnGdo_dhmVQjM0tHSjao_qKviA==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/ 381 KB
91 KB 22ms
22ms Script
application/javascript 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DjzI+HdyHvhC2OCs+qd+pw==
age: 63044
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93164
x-ms-lease-status: unlocked
last-modified: Tue, 22 Nov 2022 16:39:29 GMT
server: cloudflare
etag: 0x8DACCA820960A95
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 745d6c6d-c01e-00e1-0cd5-fe3f93000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 771d90d0eb249208-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/c5e49dbf-b964-490a-b796-8ca6ca53cbb2/da5651bc-e0e7-4484-9c5c-e4a52e77509b/ 53 KB
12 KB 351ms
351ms Fetch
application/x-javascript 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/c5e49dbf-b964-490a-b796-8ca6ca53cbb2/da5651bc-e0e7-4484-9c5c-e4a52e77509b/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78d841603c1fb0f235d7d248d874505f99ff4af1d5944819c86c095543db5757

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: am62zPS00XGKQX51UUaDFw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12489
x-ms-lease-status: unlocked
last-modified: Tue, 08 Nov 2022 16:48:23 GMT
server: cloudflare
etag: 0x8DAC1A90CB75A1D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6f984028-001e-009a-099a-f35423000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 771d90d129ebbb3b-FRA
expires: Wed, 30 Nov 2022 18:56:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 10ms
7ms Script
text/javascript 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLV38HP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 17:24:43 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5528
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 29 Nov 2022 19:24:43 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/778006191/ 2 KB
2 KB 76ms
54ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/778006191/?random=1669748211784&cv=11&fst=1669748211784&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&tiba=Health%2C%20hope%2C%20and%20safe%20water%20for%20all%20%7C%20Water.org&auid=1401717711.1669748211&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLV38HP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

1042f9b532e6cb5ebfe5476dd0975e4359aadb740d83d53c3be8f049c1c46ea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 24ms
23ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5WSKDZGKCV&l=dataLayer&cx=c

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/gtm/optimize.js?id=GTM-K3FTM4H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6da6cedaf0aa7b00c8d98fb7691ee1cda716d83bc7a8895391da6c56f7718a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76659
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Nov 2022 18:56:51 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 9 KB
3 KB 23ms
21ms Fetch
application/json 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ObQt0gPAX5BJlPa/ILV6JA==
age: 23308
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2612
x-ms-lease-status: unlocked
last-modified: Tue, 22 Nov 2022 16:39:20 GMT
server: cloudflare
etag: 0x8DACCA81B0C6435
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e2129e72-a01e-0139-34ae-fede17000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 771d90d3c80dbb3b-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/v2/ 62 KB
13 KB 27ms
25ms Fetch
application/json 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67e40afea590dbd487bf12f6ceaa5c16e606cbec9268c64b69a371d5fb3cc09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cWUYtlJNLE0cQ+nS16W3mQ==
age: 23308
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13271
x-ms-lease-status: unlocked
last-modified: Tue, 22 Nov 2022 16:39:22 GMT
server: cloudflare
etag: 0x8DACCA81C239EF2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 469b41ee-c01e-014f-6f55-ff5aab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 771d90d3c810bb3b-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 21 KB
4 KB 28ms
27ms Fetch
text/css 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 29 Nov 2022 18:56:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oQsmwuIlJWH4cKDxpI1ltA==
age: 52581
x-ms-lease-status: unlocked
last-modified: Tue, 22 Nov 2022 16:39:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4cafea29-a01e-011b-3552-ffb021000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 771d90d3c816bb3b-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1264300519&t=pageview&_s=1&dl=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&ul=en-us&de=UTF-8&dt=Health%2C%20hope%2C%20and%20safe%20water%20for%20all%20%7C%20Water.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABQAAAAC~&jid=739401591&gjid=712220058&cid=1828196971.1669748212&tid=UA-2458604-37&_gid=1410940829.1669748212&_r=1&gtm=2wgb90NLV38HP&z=2061927971

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://water.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init.js Show response
cdn.donately.com/963UiWkR/ 161 KB
71 KB 10ms
10ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.donately.com/963UiWkR/init.js

Requested by

Host: cdn.donately.com
URL: https://cdn.donately.com/core/5.5/donately.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d1da5e11f8ba0e1d079e244429e0d313904895cf014cdd322a76288e11cb83ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600; includeSubdomains
x-content-type-options: nosniff
age: 68
x-cache: HIT
content-length: 72412
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4061-HHN
referrer-policy: origin-when-cross-origin
etag: "283df-AJ77w6qpDROHo9RwuRouR8YAUJw"
x-px-hash: NDIyMTI0ZGNiZTk5NTM0YmVlMGVlMWEyYjYyNzE2YjgzMmJmNGU0ZDIxOGNhMmViNjg1NTFlMjE5NTk3YzRiMg==
vary: Accept-Encoding
active-cdn: Akamai
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: active-cdn,x-served-by
cache-control: max-age=600,stale-while-revalidate=86400,stale-if-error=3600
expect-ct: max-age=86400; report-uri='https://donately.report-uri.io/r/default/ct/reportOnly'
accept-ranges: bytes
x-download-options: noopen
x-cache-hits: 1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 57ms
19ms XHR
text/plain 142.251.5.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2458604-37&cid=1828196971.1669748212&jid=739401591&gjid=712220058&_gid=1410940829.1669748212&_u=YEBAAAAAQAAAAC~&z=1784423384

Requested by

Host: cdn.donately.com
URL: https://cdn.donately.com/core/5.5/donately.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 18:56:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://water.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icomoon.a47b51e04b2e.ttf
water.org/static/fonts/icomoon/ 4 KB
4 KB 31ms
31ms Font
application/octet-stream 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://water.org/static/fonts/icomoon/icomoon.a47b51e04b2e.ttf?a0ft7l
Requested by: Host: water.org
URL: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b56fd5e76918e24d4923db1da2652a33ac5affb57cfb4e719301494ecfcaae1

Request headers

Referer: https://water.org/static/css/water_org.4c5cf6a68ad7.css
Origin: https://water.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jan 2021 17:43:48 GMT
server: cloudflare
age: 90
etag: "600f0354-1030"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 771d90d43997bb8b-FRA
content-length: 4144
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 7ms
7ms Script
text/javascript 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 29 Nov 2022 19:22:21 GMT

GET
H2 200 / Show response
water.org/end-of-year-campaign-2022/ 25 KB
7 KB 52ms
51ms XHR
text/html 104.16.24.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.donately.com
URL: https://cdn.donately.com/core/5.5/donately.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.24.39 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1191ae75794cc0c0c2b4798e5bdb20f2d1705d35d245d13ffe16dd5a0c72f1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 18:56:50 GMT
server: cloudflare
age: 1
x-frame-options: DENY
vary: Cookie, Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: max-age=300
cf-ray: 771d90d49a41bb8b-FRA
expires: Tue, 29 Nov 2022 19:01:50 GMT

POST
H/1.1 200
OK / Show response
b.donately.com/ 2 KB
3 KB 334ms
107ms XHR
application/json 34.201.80.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://b.donately.com/
Requested by: Host: cdn.donately.com
URL: https://cdn.donately.com/core/5.5/donately.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.201.80.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-80-84.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 58956014e17e5abf6ea29931ceb50c6167a489424f905fccbae2fcf3de11ffbc

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 29 Nov 2022 18:56:52 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"920-EaSqF43EqoMKumxFGhWIqxlXk70"
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 2336

GET
H2 200 / Show response
js.stripe.com/v3/ 398 KB
97 KB 76ms
8ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.donately.com
URL: https://cdn.donately.com/core/5.5/donately.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0867efe4ab18c35f3ea7591f9eee0ebbb8631a6e65f7287104d1f8eef992d9ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 18:56:19 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 33
x-cache: Hit from cloudfront
last-modified: Tue, 22 Nov 2022 04:35:54 GMT
server: Cloudfront
etag: W/"0811280c436e51c657484d591864732e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: xHTaHQGJ9KXAg9z00k7pooIAheb9coKRbgQZibXZRV7ilOxAjagEbA==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 107 KB
37 KB 65ms
29ms Script
application/javascript 65.9.66.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.donately.com
URL: https://cdn.donately.com/core/5.5/donately.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9769bc693b421a55220ada1d37532abce9a4aeff6aea7a3a3f941ecd45f57659

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: LVN4T4QU1NOgUMhjSxOM3eZnd2iyaaL2
content-encoding: gzip
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
date: Tue, 29 Nov 2022 00:20:36 GMT
x-amz-request-id: 6GS7EJZP0CWTAWXA
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 67067
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: aa1O9IJZ2CecGHCZWB+ZZrmXgqmrjaFkfxu1x8sMPpCOWPvzGJXVCJFoOQJxHPWbWE4zpSJjHmY=
last-modified: Wed, 23 Nov 2022 21:27:14 GMT
server: AmazonS3
etag: W/"6ce30dbc0724812a91def1b44cb406b8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: LNs-jYfjyH-KaNraT1PBktCI3WuAnWvGDcPlr_tXWpvuA7039iEm8A==

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ 1 MB
235 KB 38ms
7ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Host: cdn.donately.com
URL: https://cdn.donately.com/core/5.5/donately.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:52 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: eb38a26ea36f6
dc: ccg11-origin-www-1.paypal.com
content-length: 239948
x-served-by: cache-sjc10020-SJC, cache-hhn4040-HHN
last-modified: Mon, 25 Apr 2022 17:04:48 GMT
traceparent: 00-0000000000000000000eb38a26ea36f6-1ecd6d37bcc4c901-01
x-timer: S1669748212.021197,VS0,VE0
etag: W/"6266d4b0-16d23e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 446022, 215472

GET
H2 200 pikaday.min.js Show response
cdn.donately.com/vendor/ 16 KB
6 KB 10ms
9ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.donately.com/vendor/pikaday.min.js

Requested by

Host: cdn.donately.com
URL: https://cdn.donately.com/core/5.5/donately.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

58239344d026fbeadfe03d62e815b8d8c9e9766fe547c33da403192bb2cc0302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Nov 2022 18:56:51 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31557600; includeSubdomains
x-amz-request-id: ENDNTR3WTYBM4NDS
age: 3431
x-cache: HIT
content-length: 5862
x-amz-id-2: f5iY0rYL3BcdZtGvNHOwc550ahSGE9g2dM4UX5tel6bN3xPeoh639q9dVtkZGROOwwnm6A71kFw=
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4061-HHN
referrer-policy: origin-when-cross-origin
last-modified: Wed, 13 Oct 2021 08:43:59 GMT
server: AmazonS3
x-timer: S1669748212.990712,VS0,VE2
etag: "2e45b3338a801de09c9658284dab8426"
expect-ct: max-age=86400; report-uri='https://donately.report-uri.io/r/default/ct/reportOnly'
vary: Accept-Encoding
content-type: application/javascript
x-download-options: noopen
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK /
b.donately.com/ 35 B
325 B 332ms
108ms Image
image/gif 34.201.80.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.donately.com/?event=form.init&version=0.0.4&timestamp=1669748211918&timeOpened=1669748211841&host=water.org&userFingerprint=678218923&formFingerprint=1265466482&formVersion=5.5.41&accountId=act_dd6d76ceed12&currentUrl=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022&childUrl=&imageCount=5&wordCount=228&pageSize=&sizeScreenW=1600&sizeScreenH=1200&sizeInW=1600&sizeInH=1200&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.121%20Safari%2F537.36&formOptions=
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.201.80.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-80-84.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 18:56:52 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 35

GET
H2 200 Water.org_logo_png_rgb.png
cdn.cookielaw.org/logos/b382098e-e2fe-42ad-ae0c-04aad8d89c1a/0a3c597a-758b-45a3-b5dd-751b0d21797c/8f8c69fa-17c3-46c3-8976-dc924934fa7c/ 11 KB
11 KB 24ms
23ms Image
image/png 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/b382098e-e2fe-42ad-ae0c-04aad8d89c1a/0a3c597a-758b-45a3-b5dd-751b0d21797c/8f8c69fa-17c3-46c3-8976-dc924934fa7c/Water.org_logo_png_rgb.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1e3474d1f359ad05f17810c72011240251761e42cf2ae812408eca398c974ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 29 Nov 2022 18:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QcOQbUtm//kkz77TMS50HA==
age: 30689
content-length: 10789
x-ms-lease-status: unlocked
last-modified: Wed, 26 Oct 2022 19:50:30 GMT
server: cloudflare
etag: 0x8DAB78B565A92E9
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 42b446c7-601e-004d-7481-f31e04000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 771d90d529b49208-FRA

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 26ms
26ms Image
image/svg+xml 104.16.148.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 29 Nov 2022 18:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 69973
x-ms-lease-status: unlocked
last-modified: Fri, 25 Nov 2022 09:17:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e9f1716b-f01e-0121-3032-01f382000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 771d90d529b79208-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/778006191/ 42 B
548 B 46ms
21ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/778006191/?random=1669748211784&cv=11&fst=1669744800000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&tiba=Health%2C%20hope%2C%20and%20safe%20water%20for%20all%20%7C%20Water.org&fmt=3&is_vtc=1&random=1709528925&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/778006191/ 42 B
548 B 41ms
17ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/778006191/?random=1669748211784&cv=11&fst=1669744800000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&tiba=Health%2C%20hope%2C%20and%20safe%20water%20for%20all%20%7C%20Water.org&fmt=3&is_vtc=1&random=1709528925&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collector Show response
collector-px963uiwkr.px-cloud.net/api/v2/ 353 B
602 B 54ms
27ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px963uiwkr.px-cloud.net/api/v2/collector
Requested by: Host: cdn.donately.com
URL: https://cdn.donately.com/core/5.5/donately.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: b3cbcb98c28992b8a9c3dfd6ebbe04f7ef16731210fd1ccf90dc725110d3a43c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Nov 2022 18:56:51 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://water.org
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 353

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 20ms
19ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8250794

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLV38HP

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c2fffece46cd12e9f00b965462c62379a465889a5beb37603fd39417a2d64afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:56:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44181
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Nov 2022 18:56:52 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 61ms
44ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2458604-37&cid=1828196971.1669748212&jid=739401591&_u=YEBAAAAAQAAAAC~&z=1705159498

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
33ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2458604-37&cid=1828196971.1669748212&jid=739401591&_u=YEBAAAAAQAAAAC~&z=1705159498

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 57ms
19ms XHR
text/plain 142.251.5.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-25909623-2&cid=1828196971.1669748212&jid=16690995&gjid=297212651&_gid=1410940829.1669748212&_u=aGDAgEIRQAAAAGAAI~&z=1731834092

Requested by

Host: cdn.donately.com
URL: https://cdn.donately.com/core/5.5/donately.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 18:56:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://water.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1264300519&t=pageview&_s=1&dl=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&ul=en-us&de=UTF-8&dt=Health%2C%20hope%2C%20and%20safe%20water%20for%20all%20%7C%20Water.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEIRQAAAACAAI~&jid=16690995&gjid=297212651&cid=1828196971.1669748212&tid=UA-25909623-2&_gid=1410940829.1669748212&cd1=core&cd2=5.5.41&cd3=embed&cd4=act_dd6d76ceed12&cm1=1&cm2=1&cm3=0&cm4=1&z=209561673

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 03:04:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57126
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1439/ 0
43 KB 7ms
7ms Other
application/javascript 65.9.66.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1439/link-dynamic-loader.js
Requested by: Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: dym.DR0WDP8b6t465ggdIFN0607y_Ihl
content-encoding: gzip
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
date: Mon, 28 Nov 2022 21:56:50 GMT
x-amz-cf-pop: FRA56-C1
age: 75605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 23 Nov 2022 21:27:14 GMT
server: AmazonS3
etag: W/"12e5d5e19ddd53ed286f454dae807a84"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
x-amz-cf-id: S0A-9zTT3OJrxb2l3f5vW7M5bivaGeNTjQkM2l2KNxcXlrhebp5VAg==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 45ms
45ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-25909623-2&cid=1828196971.1669748212&jid=16690995&_u=aGDAgEIRQAAAAGAAI~&z=620314277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
32ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-25909623-2&cid=1828196971.1669748212&jid=16690995&_u=aGDAgEIRQAAAAGAAI~&z=620314277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 44ms
9ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=water.org&source=checkoutjs&t=xo&v=4.0.336

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-eJkydAvtMjdQTeq0pxv2zHkQ+GedoS2txqn7l5Uhw7kZKywe' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-eJkydAvtMjdQTeq0pxv2zHkQ+GedoS2txqn7l5Uhw7kZKywe' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 18:56:52 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1028
x-cache: HIT
paypal-debug-id: f357865fc0282
server-timing: "traceparent;desc="00-0000000000000000000f357865fc0282-1432885014399138-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4051-HHN
traceparent: 00-0000000000000000000f357865fc0282-941edb7efba1d225-01
x-timer: S1669748212.328756,VS0,VE2
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 controller-0ab991f8c7ab188e2ac0d18e04e20111.html Show response
js.stripe.com/v3/ Frame 6DB6 325 B
1 KB 60ms
60ms Document
text/html 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

fd46e7a7282fdd649cfcccd1c3dc801bf9b1d22df08392a58c7007c4dc391a34

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 18:56:52 GMT
etag: "0ab991f8c7ab188e2ac0d18e04e20111"
last-modified: Tue, 22 Nov 2022 03:54:37 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-id: TFCHXbmrM2_NNhRHwXP6lq3ls4Ou4Plpb1s1hbCOurckgmrUjfhkKw==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-180159345ce5ca40cf05560276ef12f8.html Show response
js.stripe.com/v3/ Frame 9270 798 B
2 KB 53ms
53ms Document
text/html 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0bb4457a21983eedb423058dbba9788909de635dbdbba8f740f6f444a3800383

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2852
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 18:09:24 GMT
etag: "180159345ce5ca40cf05560276ef12f8"
last-modified: Tue, 22 Nov 2022 03:54:37 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-id: Orpv-zRjpC69uDZ8ZbwyU2rAyPLUbB46ePd4LvBQTtXv2gIzI-7PVg==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d871e662ea88caa5605e6dc51b38eb1a0d7c7e168bfe8de0a5434c6a44d4e00c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 249 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87b2df0a1cbeff6208b5594ce402187918867e5166247537feb45650d30da4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cc89be92b323a31353c1e8b78332306314e1b5d42312a1fb73954bdf5107375

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK eCard-1.jpg
s3.amazonaws.com/static.water.org/ecards/2022+eCards+Folder/ 217 KB
217 KB 326ms
115ms Image
image/jpeg 52.217.69.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.water.org/ecards/2022+eCards+Folder/eCard-1.jpg
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.69.238 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 23d7d6b97a29f641ab02a6195cf15c56ca5526a476e02a2242b8394fb7d01b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 18:56:53 GMT
Last-Modified: Mon, 21 Nov 2022 18:38:05 GMT
Server: AmazonS3
x-amz-request-id: 4CQM5ZVRG0XVXSWQ
ETag: "ed146f21c0dd40a3b422179e5c0b8ac7"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 221950
x-amz-id-2: 1OW6jDgkNynNMaCHKLJ2kWdNT53ihcosOBQP32yQ08D7JII5HBXq4hE+lWoczfrXiGio5ikECaU=

GET
H/1.1 200
OK eCard-2.jpg
s3.amazonaws.com/static.water.org/ecards/2022+eCards+Folder/ 202 KB
202 KB 332ms
115ms Image
image/jpeg 52.217.69.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.water.org/ecards/2022+eCards+Folder/eCard-2.jpg
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.69.238 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fbe0f9a875f430b13031b2823fe2aa69c78f966c5650a4afc66c43cb338520cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 18:56:53 GMT
Last-Modified: Wed, 16 Feb 2022 20:32:28 GMT
Server: AmazonS3
x-amz-request-id: 4CQZB40NPSJ7TS6W
ETag: "32eef74fa0dcc383258131a502fd2a45"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 206462
x-amz-id-2: Lo2jOuCrOiBrKKz2BcJUeW9sMKo7kn6UpdJYqfvHW9JwUX4YlxcDC+innSsAspoQ6pahACXIRbs=

GET
H/1.1 200
OK eCard-3.jpg
s3.amazonaws.com/static.water.org/ecards/2022+eCards+Folder/ 183 KB
183 KB 345ms
121ms Image
image/jpeg 52.217.69.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.water.org/ecards/2022+eCards+Folder/eCard-3.jpg
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.69.238 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: eeecde5a4a7e74c7830b62c28d45d52ff03b65a69ebaa41c5279d77a5cf6bf26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 18:56:53 GMT
Last-Modified: Wed, 16 Feb 2022 20:32:29 GMT
Server: AmazonS3
x-amz-request-id: 4CQV23NBHBKR01QG
ETag: "e438d6a0f5418a911e3cf9cb5b10c1f5"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 187502
x-amz-id-2: kcUDqb2KX3lOaZeWH7ZvtK5+6HDt+c5E2buoDm/XKhqHjCOw+o1CFypiRLjvHqE20+IDhQr6F24=

GET
H/1.1 200
OK eCard-4.jpg
s3.amazonaws.com/static.water.org/ecards/2022+eCards+Folder/ 163 KB
163 KB 341ms
115ms Image
image/jpeg 52.217.69.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.water.org/ecards/2022+eCards+Folder/eCard-4.jpg
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.69.238 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 52151957666e98e0cc6be1916cc2560cecae66598b14670e11f90e6f67dcc7ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 18:56:53 GMT
Last-Modified: Wed, 16 Feb 2022 20:32:30 GMT
Server: AmazonS3
x-amz-request-id: 4CQGBPJMPW26VK90
ETag: "7facf9f9ff87114eacaf3842502ee856"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 166858
x-amz-id-2: 27AWJ6bGEt9lL5m44+S68SJMZqTPpwK0m9jVCEj0ZIRzsLY/+qqyKUqZ6lGt+A1jrADICkWju4U=

GET
H/1.1 200
OK /
b.donately.com/ 35 B
325 B 103ms
103ms Image
image/gif 34.201.80.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.donately.com/?event=form.loaded&version=0.0.4&timestamp=1669748212482&timeOpened=1669748211841&host=water.org&userFingerprint=678218923&formFingerprint=1265466482&formVersion=5.5.41&accountId=act_dd6d76ceed12&currentUrl=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022&childUrl=&formOptions=
Requested by: Host: water.org
URL: https://water.org/end-of-year-campaign-2022/?utm_source=EOY_04_20221129&utm_medium=email&utm_campaign=eoy&utm_content=donate_eoy_button&utm_term=November%2029,%202022&spMailingID=8945452&spUserID=MTI4NjA1MDgzOAS2&spJobID=1620499920&spReportId=MTYyMDQ5OTkyMAS2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.201.80.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-80-84.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 18:56:52 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 35

GET
H2 200 ts
t.paypal.com/ 42 B
750 B 206ms
161ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Health%2C%20hope%2C%20and%20safe%20water%20for%20all%20%7C%20Water.org&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1669748212497&g=0&completeurl=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&ru=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35DF) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/35DF)
traceparent: 00-00000000000000000008c63f239af0b1-51b7ab42242aa66a-01
content-type: image/gif
paypal-debug-id: 8c63f239af0b1
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=155
timing-allow-origin: *
content-length: 42
expires: Tue, 29 Nov 2022 18:56:52 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 6DB6 0
570 B 534ms
175ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 18:56:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-f28d86407686be4d579ebbdf8fb35905.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6DB6 281 KB
64 KB 57ms
56ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5479443ccf1903687dd86503857e45dd69ab8a54d604125707d8217e544bcfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 18:15:30 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2484
x-cache: Hit from cloudfront
last-modified: Tue, 22 Nov 2022 03:54:48 GMT
server: Cloudfront
etag: W/"989ed53e94e7ad5c1f0b32b20bfa7a62"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OynFKWZuk5L0UY1sTdS_Bem9sdY178VOEsK-jQNDmTdLotbfFxzZMg==

GET
H2 200 controller-7debbe0b3d236f89f990509f6668b469.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6DB6 439 KB
116 KB 65ms
65ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-7debbe0b3d236f89f990509f6668b469.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7691302dfd8de93895388bca30d87b824943fb3505bc150c311c32f4106d0d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 17:59:38 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 3442
x-cache: Hit from cloudfront
last-modified: Tue, 22 Nov 2022 03:54:46 GMT
server: Cloudfront
etag: W/"a448b4cb3d20acf662dd0f764deb7a09"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: RWeo4N8PYxtUhb9iYh3BAHhALXL-vM-xV9AxtfApPmT7EfO9a9uNjA==

POST
H2 200 csp-report
q.stripe.com/ Frame 9270 0
571 B 526ms
171ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 18:56:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9270 0
570 B 528ms
173ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 18:56:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-f28d86407686be4d579ebbdf8fb35905.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9270 281 KB
64 KB 78ms
77ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5479443ccf1903687dd86503857e45dd69ab8a54d604125707d8217e544bcfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 18:15:30 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2484
x-cache: Hit from cloudfront
last-modified: Tue, 22 Nov 2022 03:54:48 GMT
server: Cloudfront
etag: W/"989ed53e94e7ad5c1f0b32b20bfa7a62"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wyK4yNVLtpyb-6tHv_CKUcOLEt1KPcBvkAr4zeXE0QFxEEdgYfVO8A==

GET
H2 200 ui-shared-d642756d6b2fe5ff3f3082e52195392b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9270 231 KB
66 KB 86ms
85ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-d642756d6b2fe5ff3f3082e52195392b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c593a5955e5bbdb5e048535982fb1a361ebc620a99554eccc5fe24ce37f2201c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 18:05:51 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 3105
x-cache: Hit from cloudfront
last-modified: Mon, 21 Nov 2022 16:03:18 GMT
server: Cloudfront
etag: W/"e33bc9017f27150aa5e2780e01f8d8de"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: bL94HbCYKv2rsL1nGIJiSw-JrMlPGfr0OwllWG3VLBji4g-D66nMwQ==

GET
H2 200 elements-inner-card-209730d6bf04a838424b6fd7ca4d6525.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9270 50 KB
13 KB 90ms
90ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-209730d6bf04a838424b6fd7ca4d6525.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

769733bf26bce6487a83cd8295fea49b08e29f79700b0c9d14ff38ba8a660d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 18:06:55 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 3025
x-cache: Hit from cloudfront
last-modified: Mon, 21 Nov 2022 16:03:16 GMT
server: Cloudfront
etag: W/"8fc9391a1fe5856dc738a7f4442af61d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: cQb2ratF2wQKWz8UFhCodgyXiq1WsIWedopwAf6LTfg7mVFErqkN4w==

GET
H2 200 ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css
js.stripe.com/v3/fingerprinted/css/ Frame 9270 19 KB
3 KB 84ms
83ms Stylesheet
text/css 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0c5081ecc9f9ecdf2c760f97886c380097c444ecd4676884ff3c67bfbc0ec6a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 18:05:51 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 3070
x-cache: Hit from cloudfront
last-modified: Thu, 17 Nov 2022 21:36:36 GMT
server: Cloudfront
etag: W/"946f1f202e973574c4704321cd043858"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -rbAUVQjcxIzi0ICJK0zNSj-0lue1KD3GqwX2KP4Xsk-dTYEj8VliQ==

GET
H2 200 elements-inner-card-df2f45d4dc3192d6ca0e0806752c6ace.css
js.stripe.com/v3/fingerprinted/css/ Frame 9270 5 KB
1 KB 85ms
84ms Stylesheet
text/css 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-df2f45d4dc3192d6ca0e0806752c6ace.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

40f32f785992d95f60702abf5baf09b4804fca7655de9d2ba169fec2ad84926e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 18:24:13 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1997
x-cache: Hit from cloudfront
last-modified: Thu, 17 Nov 2022 21:36:36 GMT
server: Cloudfront
etag: W/"d2626d1c6ef395c18991522165918639"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: tTCG-q0-ShIwnbobyd9d5IOrzx1bqA3_QGI9m1XwC5Qz8Di-DygomA==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 6DB6 474 B
865 B 20ms
8ms Fetch
application/json 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-103.fra56.r.cloudfront.net
Software: Cloudfront /
Resource Hash: b2c0129ed3fb90a9bc22f2ecd3f4730c6cf4ebf9d42a979b8ac6f20ba42a35b0

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Nov 2022 18:56:18 GMT
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
last-modified: Tue, 22 Nov 2022 04:35:55 GMT
server: Cloudfront
x-amz-cf-pop: FRA56-P6
age: 36
etag: "8187e54a4c42e719206e850e7751fe34"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: 9PMLCCQne_1yFw111glouNYM5CIwZQRETUBH4hBJk13Utkdt2ciNjQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 9270 474 B
864 B 7ms
7ms Fetch
application/json 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-103.fra56.r.cloudfront.net
Software: Cloudfront /
Resource Hash: b2c0129ed3fb90a9bc22f2ecd3f4730c6cf4ebf9d42a979b8ac6f20ba42a35b0

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Nov 2022 18:56:18 GMT
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
last-modified: Tue, 22 Nov 2022 04:35:55 GMT
server: Cloudfront
x-amz-cf-pop: FRA56-P6
age: 36
etag: "8187e54a4c42e719206e850e7751fe34"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: iRQGzuAmOHtfPtg6Zn5x-UA1r9CGfucqNAniYgcIhM7IDuRz4bQH7Q==

GET
H2 200 countryRanges-1e8b3d390a07073baae3a9d50ccffdd5.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 9270 143 KB
36 KB 9ms
9ms Fetch
application/json 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/countryRanges-1e8b3d390a07073baae3a9d50ccffdd5.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b1edba09a92cc8a52b69c18ec834510950b98f387cbe6014a53f92c5579a3725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 17:59:57 GMT
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 3419
x-cache: Hit from cloudfront
last-modified: Wed, 09 Nov 2022 17:31:46 GMT
server: Cloudfront
etag: W/"1e8b3d390a07073baae3a9d50ccffdd5"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wL9Yr0iRj1EV1ng1GnWcoB24g6dh5xU0T7lV5Ub0nmmSTWlZlwDcBQ==

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
127 B 722ms
343ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
127 B 725ms
347ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
128 B 715ms
338ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
127 B 722ms
345ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
127 B 881ms
504ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
127 B 718ms
342ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
127 B 878ms
502ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
127 B 722ms
346ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
127 B 715ms
340ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
127 B 879ms
505ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
127 B 883ms
510ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
127 B 877ms
507ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
127 B 713ms
349ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 200 collector Show response
collector-px963uiwkr.px-cloud.net/api/v2/ 280 B
298 B 57ms
39ms XHR
application/json 35.190.10.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-px963uiwkr.px-cloud.net/api/v2/collector
Requested by: Host: cdn.donately.com
URL: https://cdn.donately.com/core/5.5/donately.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.10.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 1799dc53669309af05042d78c0e9f665260ee300ccd34cf2fde456aa152b5fbd

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Nov 2022 18:56:52 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://water.org
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 280

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 8831
Redirect Chain

https://insight.adsrvr.org/track/up?adv=ru6qq3d&ref=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Dd...
https://match.adsrvr.org/track/upb/?adv=ru6qq3d&ref=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Dd...

0
181 B

31ms
31ms

Document
text/html

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=ru6qq3d&ref=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&upid=tyd8sea&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 29 Nov 2022 18:56:53 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 18:56:53 GMT
location: https://match.adsrvr.org/track/upb/?adv=ru6qq3d&ref=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&upid=tyd8sea&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 2FF9 200 B
1 KB 8ms
7ms Document
text/html 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3051
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 18:06:03 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-id: RO05BVoGElsUmILPrM8-Va6iYS8XGJaWvi2tfxIFvm1jDXT1yj6Fyg==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ 43 B
229 B 405ms
96ms Image
image/gif 167.114.119.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=72e0e06ec183489e97c7e33b6c481c16&correlationId=070436f3-091b-4c5c-8b00-88134ea118fe&application=dntly-form&x=4033170f-053d-409f-9e3b-3dbcf7b58c38&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.114.119.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-usage-2.tjsint.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Tue, 29 Nov 2022 18:56:53 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 0 Show response
r.stripe.com/ Frame 6DB6 0
127 B 447ms
446ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 29 Nov 2022 18:56:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame 2FF9 0
570 B 173ms
172ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 18:56:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2FF9 0
570 B 171ms
170ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 29 Nov 2022 18:56:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2FF9 631 B
1 KB 8ms
7ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 29 Nov 2022 18:55:58 GMT
x-content-type-options: nosniff
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 55
x-cache: Hit from cloudfront
content-length: 631
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3XuWWZ3drJDp9pHm1SEUzlx7-QdMFgMOppPvX1mRYHzHBVuGJ-3RSQ==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame FF28 930 B
1 KB 39ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 29 Nov 2022 18:56:53 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 64
x-content-type-options: nosniff
x-request-id: 7559bbc7-6118-46a3-ab60-62e5aa94b758
x-served-by: cache-hhn4060-HHN
x-timer: S1669748213.207063,VS0,VE0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
343 B 34ms
13ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5WSKDZGKCV&gtm=2oeb90&_p=1264300519&gcs=G100&gdid=dYWJhMj&cid=1812471394.1669748213&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669748211&sct=1&seg=0&dl=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&dt=Health%2C%20hope%2C%20and%20safe%20water%20for%20all%20%7C%20Water.org&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5WSKDZGKCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://water.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
548 B 51ms
15ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=1130715192.1669748213&url=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F&gtm=2odb90&gdid=dYWJhMj

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8250794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1264300519&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&ul=en-us&de=UTF-8&dt=Health%2C%20hope%2C%20and%20safe%20water%20for%20all%20%7C%20Water.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=consent_change&ea=undefined&el=%2CC0001%2C&_u=aGDAAEIRQAAAAGAAIk~&cid=336658001.1669748213&tid=UA-2458604-37&_gid=1264935007.1669748213&gtm=2wgb90NLV38HP&gcs=G100&z=184343885

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 03:04:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57127
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

src=8250794;dc_pre=CP7a9OiI1PsCFVJDHgIdF3AIzg;type=globa0;cat=water0;ord=9801642559314;gtm=2odb90;gcs=G100;gdid=dYWJhMj;~oref=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DE...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=8250794;type=globa0;cat=water0;ord=9801642559314;gtm=2odb90;gcs=G100;gdid=dYWJhMj;~oref=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Fu...
https://ade.googlesyndication.com/ddm/activity/src=8250794;dc_pre=CP7a9OiI1PsCFVJDHgIdF3AIzg;type=globa0;cat=water0;ord=9801642559314;gtm=2odb90;gcs=G100;gdid=dYWJhMj;~oref=https%3A%2F%2Fwater.org%...

42 B
63 B

57ms
43ms

Image
image/gif

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=8250794;dc_pre=CP7a9OiI1PsCFVJDHgIdF3AIzg;type=globa0;cat=water0;ord=9801642559314;gtm=2odb90;gcs=G100;gdid=dYWJhMj;~oref=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2?

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://ade.googlesyndication.com/ddm/activity/src=8250794;dc_pre=CP7a9OiI1PsCFVJDHgIdF3AIzg;type=globa0;cat=water0;ord=9801642559314;gtm=2odb90;gcs=G100;gdid=dYWJhMj;~oref=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame FF28 0
344 B 170ms
169ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame FF28 86 KB
16 KB 7ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 29 Nov 2022 18:56:53 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 10
x-cache: HIT
content-length: 16031
x-request-id: b281c6bf-2183-485e-957e-1bfb5a25c8ce
x-served-by: cache-hhn4060-HHN
server: Fastly
x-timer: S1669748213.219735,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 26

POST
H2 200 6 Show response
m.stripe.com/ Frame FF28 156 B
523 B 546ms
181ms XHR
application/json 52.88.237.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.237.241 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-237-241.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8f1b49442501198a2443c05b84a6b8f1f115c3e2912ae79326780d15d468d911

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 29 Nov 2022 18:56:53 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
797 B 8ms
8ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 29 Nov 2022 18:06:47 GMT
x-content-type-options: nosniff
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 3012
x-cache: Hit from cloudfront
content-length: 295
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Cloudfront
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: dgiVh9m3EMQ9IsUcGJjcwyrhFcEDiwY2ydKLOYFUZk1Z7ereCrmOXA==

POST 0
r.stripe.com/ Frame 6DB6 0
0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 32ms
15ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5WSKDZGKCV&gtm=2oeb90&_p=1264300519&gcs=G100&gdid=dYWJhMj&gtm_up=1&cid=1812471394.1669748213&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1669748211&sct=1&seg=0&dl=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&dt=Health%2C%20hope%2C%20and%20safe%20water%20for%20all%20%7C%20Water.org&en=consent_change&ep.selected_cookies=%2CC0001%2C&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5WSKDZGKCV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Nov 2022 18:56:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://water.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r.stripe.com
URL: https://r.stripe.com/0

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
water.org/end-of-year-campaign-2022	1969-12-31 23:59:59	Name: consentObj Value: {"analytics_storage":"denied","functionality_storage":"denied","ad_storage":"denied","wait_for_update":1000}
.fonts.net/	1970-01-20 07:49:10	Name: __cf_bm Value: u0pF7eGVI2zttseDWxska9.3V7zR97RetQqHoB4RNNo-1669748210-0-Afa7VQSAY+uRYjoRCFByg1pJyph8qtS8SDApfDzEZE1GvcVkcJgut8/piBmg+S1f98CCzQeivwzr5aoKL7XZ6T4=
.water.org/	1970-01-20 09:58:44	Name: _gcl_au Value: 1.1.1401717711.1669748211
.water.org/	1970-01-20 17:25:08	Name: _ga Value: GA1.2.1828196971.1669748212
.water.org/	1970-01-20 07:50:34	Name: _gid Value: GA1.2.1410940829.1669748212
.water.org/	1970-01-20 07:49:08	Name: _gat_UA-2458604-37 Value: 1
.doubleclick.net/	1970-01-20 07:49:09	Name: test_cookie Value: CheckForPermission
.water.org/	1970-01-20 16:34:44	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Nov+29+2022+18%3A56%3A52+GMT%2B0000+(GMT)&version=202210.1.0&isIABGlobal=false&hosts=&consentId=6770ff5f-984b-4304-983a-edbe5c71444e&interactionCount=0&landingPath=https%3A%2F%2Fwater.org%2Fend-of-year-campaign-2022%2F%3Futm_source%3DEOY_04_20221129%26utm_medium%3Demail%26utm_campaign%3Deoy%26utm_content%3Ddonate_eoy_button%26utm_term%3DNovember%252029%2C%25202022%26spMailingID%3D8945452%26spUserID%3DMTI4NjA1MDgzOAS2%26spJobID%3D1620499920%26spReportId%3DMTYyMDQ5OTkyMAS2&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
water.org/	1969-12-31 23:59:59	Name: utmParamCookie Value: {%22utm_source%22:%22EOY_04_20221129%22%2C%22utm_medium%22:%22email%22%2C%22utm_campaign%22:%22eoy%22%2C%22utm_term%22:%22November%2029%2C%202022%22%2C%22utm_content%22:%22donate_eoy_button%22}
.water.org/	1970-01-20 07:49:08	Name: _gat_donatelyga Value: 1
water.org/	1970-01-20 07:49:08	Name: _pxff_cc Value: U2FtZVNpdGU9TGF4Ow==
.water.org/	1969-12-31 23:59:59	Name: pxcts Value: 95f7486f-7017-11ed-bbcf-736775567658
.water.org/	1970-01-20 16:34:44	Name: _pxvid Value: 95f73b5e-7017-11ed-bbcf-736775567658
.paypal.com/	1970-01-20 17:25:08	Name: ts Value: vreXpYrS%3D1764442612%26vteXpYrS%3D1669750012%26vr%3Dc4bfc3991840a985589350b3ffffffff%26vt%3Dc4bfc3991840a985589350b3fffffffe
.paypal.com/	1970-01-20 17:25:08	Name: ts_c Value: vr%3Dc4bfc3991840a985589350b3ffffffff%26vt%3Dc4bfc3991840a985589350b3fffffffe
.water.org/	1970-01-20 07:49:08	Name: _px2 Value: eyJ1IjoiOTVlZGVjZjAtNzAxNy0xMWVkLWFiN2UtNmI4OTQ3NzA0Zjg2IiwidiI6Ijk1ZjczYjVlLTcwMTctMTFlZC1iYmNmLTczNjc3NTU2NzY1OCIsInQiOjE2Njk3NDg1MTI5MjUsImgiOiJlYjg4ZGJiN2ViYWNkNDYyY2Q0MTE0NDVlNjlmNzQ4YTEwM2Y2NTU1NjMxYzkzNDEyZDI5M2YzNmYzOTdjN2RlIn0=
.adsrvr.org/	1970-01-20 16:34:44	Name: TDID Value: 2547232a-8657-44bc-857f-7d5df020154a
m.stripe.com/	1970-01-20 17:25:08	Name: m Value: 2a63d3c3-b9ea-4c9c-9fcf-ea61bcb9007ff9cb85
.water.org/	1970-01-20 16:34:44	Name: __stripe_mid Value: afb13088-7d20-41f2-90a7-df82907474b155da5d
.water.org/	1970-01-20 07:49:10	Name: __stripe_sid Value: c3c899e5-2363-4188-9151-96ac085732a31956f3

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hello.myfonts.net/count/32fd5b Message: Failed to load resource: the server responded with a status of 503 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
b.donately.com
cdn.cookielaw.org
cdn.donately.com
cdn.plaid.com
collector-px963uiwkr.px-cloud.net
fast.fonts.net
geolocation.onetrust.com
googleads.g.doubleclick.net
hello.myfonts.net
insight.adsrvr.org
js.adsrvr.org
js.stripe.com
links.mail8.spopessentials8.com
m.stripe.com
m.stripe.network
match.adsrvr.org
pagead2.googlesyndication.com
pixel.locker2.com
q.stripe.com
r.stripe.com
region1.google-analytics.com
s3.amazonaws.com
stats.g.doubleclick.net
t.paypal.com
usage.trackjs.com
water.org
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
r.stripe.com
104.16.148.64
104.16.24.39
104.17.224.78
104.17.244.73
104.18.27.85
108.138.15.119
108.138.7.103
142.250.185.66
142.250.185.67
142.250.186.130
142.250.186.66
142.250.186.68
142.251.5.156
143.204.89.97
151.101.0.176
151.101.1.21
151.101.194.133
151.101.2.137
167.114.119.127
172.217.18.8
192.229.221.25
216.239.34.178
216.239.34.36
3.33.220.150
34.201.80.84
35.190.10.96
52.217.69.238
52.222.214.83
52.88.237.241
54.186.23.98
65.9.66.20
02107a5cc81d7b26a29598d5ab0579e164e6ff9df44f13c388a316e41938cde9
05282053e4ee87cbf8fa06acc557f8f453e24d54a8836fa5d718d4c0ea48d10a
0867efe4ab18c35f3ea7591f9eee0ebbb8631a6e65f7287104d1f8eef992d9ea
087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d
0bb4457a21983eedb423058dbba9788909de635dbdbba8f740f6f444a3800383
0c5081ecc9f9ecdf2c760f97886c380097c444ecd4676884ff3c67bfbc0ec6a3
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69
1042f9b532e6cb5ebfe5476dd0975e4359aadb740d83d53c3be8f049c1c46ea3
1191ae75794cc0c0c2b4798e5bdb20f2d1705d35d245d13ffe16dd5a0c72f1c5
1439e4bfba496b280c58854b4ed4e74be92993a0f7699164f8822b3db5ea1dba
1799dc53669309af05042d78c0e9f665260ee300ccd34cf2fde456aa152b5fbd
1cc89be92b323a31353c1e8b78332306314e1b5d42312a1fb73954bdf5107375
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
219a25d084f20da146572fdd2ee13465b3e0b7b409930e1032d0f02624c21622
22c56890296a2208aa6bbfb8ab0f079b0ba4c37310eaa4f6f1c7095709abcfeb
23d7d6b97a29f641ab02a6195cf15c56ca5526a476e02a2242b8394fb7d01b7c
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3ec4214472d1e0b9bfb9640ed2804b7d3ac7d08a5a57c4cc2afc63e7ad5a431e
40f32f785992d95f60702abf5baf09b4804fca7655de9d2ba169fec2ad84926e
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4ac5a5e397736742ade8861193a4af6f4b395a15651f6d0f6703cb483ac82077
507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d
52151957666e98e0cc6be1916cc2560cecae66598b14670e11f90e6f67dcc7ad
5479443ccf1903687dd86503857e45dd69ab8a54d604125707d8217e544bcfd4
58239344d026fbeadfe03d62e815b8d8c9e9766fe547c33da403192bb2cc0302
58956014e17e5abf6ea29931ceb50c6167a489424f905fccbae2fcf3de11ffbc
59bc6e8d1968a370b8466d220e52d2e995fab04963151ba428f62e4d64209f48
67e40afea590dbd487bf12f6ceaa5c16e606cbec9268c64b69a371d5fb3cc09b
695073d761566f2eea9cc9363063ae1f6e2ab5e123add94249c5407e47c89b9e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6da6cedaf0aa7b00c8d98fb7691ee1cda716d83bc7a8895391da6c56f7718a26
71d10da19ae1446117c850a4ad2f0f3649abafee9a8e0a5e561d013973c844f5
732f1e301c4e4714fce625a9298358a89f2f61bf5c04c948b87fa5aa841cd83e
747c8872c7043febfb6f1439aa3d9f00ebfc54da9303a43c3d4f0ed2b9b59e61
7691302dfd8de93895388bca30d87b824943fb3505bc150c311c32f4106d0d5f
769733bf26bce6487a83cd8295fea49b08e29f79700b0c9d14ff38ba8a660d72
78d841603c1fb0f235d7d248d874505f99ff4af1d5944819c86c095543db5757
7b56fd5e76918e24d4923db1da2652a33ac5affb57cfb4e719301494ecfcaae1
7e3c7dc8d0e9740bf94a938073de9da53213b08f75173ffccf8efacc88d088dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f1b49442501198a2443c05b84a6b8f1f115c3e2912ae79326780d15d468d911
9502881f71d42d5599e4f3d592d78d5c1a358b704c5a388e7ee46c9885c5458f
9769bc693b421a55220ada1d37532abce9a4aeff6aea7a3a3f941ecd45f57659
9a2015c473213831981ddada105d614405bbb66fadddb4448326e44bb80611dc
9acdfd48e0cae6ac8f391a297dceac1712ed304c51f7ba70ea4321f5344be829
a1e3474d1f359ad05f17810c72011240251761e42cf2ae812408eca398c974ff
a42bc2665485ce601662cc5273620f66a61b4a001b22b594d5acbb9cfe86bd45
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b0f46d0b1281742fd99e2a372327c076ea1ac9b7f5be38625f49e8cbb18993d8
b1edba09a92cc8a52b69c18ec834510950b98f387cbe6014a53f92c5579a3725
b2c0129ed3fb90a9bc22f2ecd3f4730c6cf4ebf9d42a979b8ac6f20ba42a35b0
b2f40b237af74c2c6031f62ba9774503a783bfab0fc2dce9b5a27a75ee534080
b342deea15166d46b81a19b19ada253a83949b90c8b63547b0d9b7498b2d79c5
b3cbcb98c28992b8a9c3dfd6ebbe04f7ef16731210fd1ccf90dc725110d3a43c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
c2fffece46cd12e9f00b965462c62379a465889a5beb37603fd39417a2d64afc
c42938a1ab0f52ebf0832edff778ad471032f662ffc99ba01cf8bfe8ffed4bf0
c593a5955e5bbdb5e048535982fb1a361ebc620a99554eccc5fe24ce37f2201c
cece2352087cfca9a8dc2465945fe8044c4e02c7be85ffabdcc61da7f5182230
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1da5e11f8ba0e1d079e244429e0d313904895cf014cdd322a76288e11cb83ab
d5014cc02a7f7a13f8b87a142df83dd4fdf550e0e4ac6457972f0bbe87d4b5e9
d871e662ea88caa5605e6dc51b38eb1a0d7c7e168bfe8de0a5434c6a44d4e00c
d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1eba4459deb7d09d5124b02027a94bbd3bcba87b8567418b4f573d608343f0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eeecde5a4a7e74c7830b62c28d45d52ff03b65a69ebaa41c5279d77a5cf6bf26
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f87b2df0a1cbeff6208b5594ce402187918867e5166247537feb45650d30da4a
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
fbe0f9a875f430b13031b2823fe2aa69c78f966c5650a4afc66c43cb338520cb
fd46e7a7282fdd649cfcccd1c3dc801bf9b1d22df08392a58c7007c4dc391a34
fd5d9b4eb898235d18fbe41036e84f32af7bd54712bcb1177de83460405f4fc0
fe17d49ac474429ac6c940ce41aed5a2455d285118bc9b57561ddb627037a68b

water.org Open in urlscan Pro 104.16.24.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

98 %HTTPS

0 %IPv6

23 Domains

33 Subdomains

31 IPs

3 Countries

4029 kBTransfer

8617 kBSize

20 Cookies

13 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

water.org Open in urlscan Pro
104.16.24.39 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

98 %
HTTPS

0 %
IPv6

23
Domains

33
Subdomains

31
IPs

3
Countries

4029 kB
Transfer

8617 kB
Size

20
Cookies

122 HTTP transactions
3 data transactions