urlscan.io logo urlscan.io
SecurityTrails logo

www.redcrossblood.org Open in urlscan Pro
2a02:26f0:6c00:2be::35ce  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.redcrossblood.org/give/drive/driveSearchList.jsp?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_reques...
Effective URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Submission: On June 21 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 6 countries across 31 domains to perform 63 HTTP transactions. The main IP is 2a02:26f0:6c00:2be::35ce, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.redcrossblood.org.
TLS certificate: Issued by DigiCert Secure Site ECC CA-1 on March 31st 2020. Valid for: a year.
This is the only time www.redcrossblood.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 184.30.24.121 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 52.31.68.29 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2620:1ec:c11:... 8068 (MICROSOFT...)
1 65.9.84.70 16509 (AMAZON-02)
5 2a03:2880:f01... 32934 (FACEBOOK)
3 18.198.240.31 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.18.235.40 16625 (AKAMAI-AS)
1 52.19.186.105 16509 (AMAZON-02)
1 15.236.176.210 16509 (AMAZON-02)
1 1 54.194.191.134 16509 (AMAZON-02)
1 34.252.166.160 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 5 142.250.186.38 15169 (GOOGLE)
1 65.9.77.104 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f11... 32934 (FACEBOOK)
1 2600:9000:210... 16509 (AMAZON-02)
1 2.18.233.201 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
8 8 151.101.14.49 54113 (FASTLY)
1 142.250.185.130 15169 (GOOGLE)
1 69.173.144.139 26667 (RUBICONPR...)
2 2600:9000:210... 16509 (AMAZON-02)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 2 37.252.172.36 29990 (ASN-APPNEX)
1 2 35.244.159.8 15169 (GOOGLE)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 151.101.114.110 54113 (FASTLY)
2 162.247.242.20 23467 (NEWRELIC-...)
63 36
5    2a02:26f0:6c00:2be::35ce (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.redcrossblood.org
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a02:26f0:6c00:2b5::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
3    184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    52.31.68.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-68-29.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    65.9.84.70 (United States)

ASN16509 (AMAZON-02, US)
d10lpsik1i8c69.cloudfront.net
5    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    18.198.240.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-240-31.eu-central-1.compute.amazonaws.com
collection.decibelinsight.net
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
1    52.19.186.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-186-105.eu-west-1.compute.amazonaws.com
redcross.demdex.net
1    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
smetrics.redcross.org
1    54.194.191.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    34.252.166.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-166-160.eu-west-1.compute.amazonaws.com
theamericannationalr.tt.omtrdc.net
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
4706068.fls.doubleclick.net
fls.doubleclick.net
1    65.9.77.104 (United States)

ASN16509 (AMAZON-02, US)
cdn.branch.io
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
5    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2600:9000:2104:ee00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.link
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2600:9000:2104:1600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)
api2.branch.io
2    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
9 everesttech.net
cm.everesttech.net
sync-tm.everesttech.net
2 KB
7 doubleclick.net
stats.g.doubleclick.net
4706068.fls.doubleclick.net
fls.doubleclick.net
cm.g.doubleclick.net
2 KB
5 facebook.com
www.facebook.com
478 B
5 facebook.net
connect.facebook.net
198 KB
5 bing.com
bat.bing.com
9 KB
5 redcrossblood.org
www.redcrossblood.org
chat.redcrossblood.org Failed
776 KB
4 demdex.net
dpm.demdex.net
redcross.demdex.net
7 KB
3 branch.io
cdn.branch.io
api2.branch.io
25 KB
3 decibelinsight.net
collection.decibelinsight.net
74 KB
3 adobedtm.com
assets.adobedtm.com
114 KB
2 nr-data.net
bam.nr-data.net
463 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 openx.net
us-u.openx.net
470 B
2 adnxs.com
ib.adnxs.com
2 KB
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 google.com
adservice.google.com
622 B
2 youtube.com
www.youtube.com
43 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 addthis.com
s7.addthis.com
190 KB
1 addthisedge.com
v1.addthisedge.com
813 B
1 newrelic.com
js-agent.newrelic.com
14 KB
1 pubmatic.com
image2.pubmatic.com
547 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 mathtag.com
pixel.mathtag.com
506 B
1 app.link
app.link
564 B
1 omtrdc.net
theamericannationalr.tt.omtrdc.net
3 KB
1 redcross.org
smetrics.redcross.org
512 B
1 moatads.com
z.moatads.com
1 KB
1 cloudfront.net
d10lpsik1i8c69.cloudfront.net
3 KB
1 googletagmanager.com
www.googletagmanager.com
34 KB
1 cloudflare.com
cdnjs.cloudflare.com
22 KB
63 31
Domain Requested by
8 sync-tm.everesttech.net 8 redirects
5 www.facebook.com www.redcrossblood.org
4706068.fls.doubleclick.net
5 connect.facebook.net www.redcrossblood.org
4706068.fls.doubleclick.net
connect.facebook.net
5 bat.bing.com www.redcrossblood.org
bat.bing.com
5 www.redcrossblood.org 1 redirects www.redcrossblood.org
4 4706068.fls.doubleclick.net 1 redirects www.googletagmanager.com
www.redcrossblood.org
3 collection.decibelinsight.net www.redcrossblood.org
3 dpm.demdex.net 1 redirects www.redcrossblood.org
3 assets.adobedtm.com www.redcrossblood.org
2 bam.nr-data.net www.redcrossblood.org
2 sync.search.spotxchange.com 1 redirects www.redcrossblood.org
2 us-u.openx.net 1 redirects www.redcrossblood.org
2 ib.adnxs.com 1 redirects www.redcrossblood.org
2 dsum-sec.casalemedia.com 1 redirects www.redcrossblood.org
2 api2.branch.io www.redcrossblood.org
2 adservice.google.com 4706068.fls.doubleclick.net
2 www.youtube.com www.redcrossblood.org
2 www.google-analytics.com www.redcrossblood.org
2 s7.addthis.com www.redcrossblood.org
1 v1.addthisedge.com www.redcrossblood.org
1 js-agent.newrelic.com www.redcrossblood.org
1 image2.pubmatic.com www.redcrossblood.org
1 pixel.rubiconproject.com www.redcrossblood.org
1 cm.g.doubleclick.net www.redcrossblood.org
1 pixel.mathtag.com 4706068.fls.doubleclick.net
1 app.link www.redcrossblood.org
1 fls.doubleclick.net 1 redirects
1 cdn.branch.io www.redcrossblood.org
1 stats.g.doubleclick.net www.redcrossblood.org
1 theamericannationalr.tt.omtrdc.net www.redcrossblood.org
1 cm.everesttech.net 1 redirects
1 smetrics.redcross.org www.redcrossblood.org
1 redcross.demdex.net www.redcrossblood.org
1 z.moatads.com www.redcrossblood.org
1 d10lpsik1i8c69.cloudfront.net www.redcrossblood.org
1 www.googletagmanager.com assets.adobedtm.com
1 cdnjs.cloudflare.com www.redcrossblood.org
0 chat.redcrossblood.org Failed www.redcrossblood.org
63 38

This site contains no links.

Subject Issuer Validity Valid
redcrossblood.org
DigiCert Secure Site ECC CA-1		 2020-03-31 -
2021-06-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-08 -
2021-09-30		 9 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-04-12 -
2021-10-12		 6 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.decibelinsight.net
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2020-12-21 -
2022-01-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
smetrics.redcross.org
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-14 -
2022-07-15		 a year crt.sh
*.tt.omtrdc.net
DigiCert SHA2 Secure Server CA		 2020-11-02 -
2021-11-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.branch.io
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-25		 a year crt.sh
appipv4.link
Amazon		 2020-07-22 -
2021-08-22		 a year crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2021-07-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-21 -
2022-04-10		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 4 frames:

Primary Page: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Frame ID: 6380726372A689059EAB0B9DCF6119EB
Requests: 44 HTTP requests in this frame

Frame: https://redcross.demdex.net/dest5.html?d_nsid=0
Frame ID: 9EC674965BF216AAC9B343864117851E
Requests: 9 HTTP requests in this frame

Frame: https://4706068.fls.doubleclick.net/activityi;dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932
Frame ID: F826CF1DFBBF67BE3F188A395EC18C45
Requests: 8 HTTP requests in this frame

Frame: https://4706068.fls.doubleclick.net/activityi;dc_pre=CKyrsvv7qPECFdPk1QodbRYNRA;src=4706068;type=rcopa0;cat=rconeADO;u6=34199799939159900591101174873421055344;ord=5459593348760.29
Frame ID: D4CC716C6CBE543BB91DC4C343D3F6DA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.redcrossblood.org/give/drive/driveSearchList.jsp?zipSponsor=Asynchrony&sd=030718&ed=060518&zip... HTTP 301
    https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

63
Requests

98 %
HTTPS

41 %
IPv6

31
Domains

38
Subdomains

36
IPs

6
Countries

1540 kB
Transfer

6116 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.redcrossblood.org/give/drive/driveSearchList.jsp?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932 HTTP 301
    https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=723A22C757518E2C7F000101%40AdobeOrg&d_nsid=0&ts=1624286827760 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=723A22C757518E2C7F000101%40AdobeOrg&d_nsid=0&ts=1624286827760
Request Chain 25
  • https://cm.everesttech.net/cm/dd?d_uuid=34525058901224509021141625986843304589 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YNCmbAAAAMOtlSkN
Request Chain 28
  • https://4706068.fls.doubleclick.net/activityi;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932 HTTP 302
  • https://4706068.fls.doubleclick.net/activityi;dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932
Request Chain 34
  • https://fls.doubleclick.net/activityi;src=4706068;type=rcopa0;cat=rconeADO;u6=34199799939159900591101174873421055344;ord=5459593348760.29 HTTP 302
  • https://4706068.fls.doubleclick.net/activityi;dc_pre=CKyrsvv7qPECFdPk1QodbRYNRA;src=4706068;type=rcopa0;cat=rconeADO;u6=34199799939159900591101174873421055344;ord=5459593348760.29
Request Chain 41
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WU5DbWJBQUFBTU90bFNrTg==
Request Chain 45
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YNCmbAAAAMOtlSkN&expires=90
Request Chain 47
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YNCmbAAAAMOtlSkN HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YNCmbAAAAMOtlSkN&C=1
Request Chain 49
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YNCmbAAAAMOtlSkN HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYNCmbAAAAMOtlSkN
Request Chain 50
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YNCmbAAAAMOtlSkN HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YNCmbAAAAMOtlSkN
Request Chain 51
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNCmbAAAAMOtlSkN
Request Chain 53
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YNCmbAAAAMOtlSkN&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YNCmbAAAAMOtlSkN&img=1&__user_check__=1&sync_id=8e57c1c8-d29f-11eb-8a5b-19b4ac340106
Request Chain 54
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YNCmbAAAAMOtlSkN&t=2592000&o=0

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request drive-results
www.redcrossblood.org/give.html/
Redirect Chain
  • https://www.redcrossblood.org/give/drive/driveSearchList.jsp?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
  • https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2be::35ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f46f289115650120d8e0f2b31c4ae3c9b6af900778d910a83fb91d13aa4c2c9b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.adobe.com;
Strict-Transport-Security max-age=15768000 ; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://adobe.com/ ALLOW-FROM https://redcrossblood.org/

Request headers

:method
GET
:authority
www.redcrossblood.org
:scheme
https
:path
/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache="set-cookie"
content-encoding
gzip
content-type
text/html;charset=utf-8
etag
"f60-5c5476e1fbe2e-gzip"
last-modified
Mon, 21 Jun 2021 14:24:24 GMT
server
Apache
x-content-type-options
nosniff
x-dispatcher
dispatcher1useast1
x-vhost
redcrossblood
content-length
1564
date
Mon, 21 Jun 2021 14:47:07 GMT
vary
Accept-Encoding
set-cookie
AWSELB=7D1377611C31B1685B06F40687BE9DAB573F5785319584550FA72D4AB130640AD14018241F0DC43624F0FFB4373C80C2864A949BAC964A33ED94BFDB59EB60F46D170614EB;PATH=/;MAX-AGE=900 AWSELBCORS=7D1377611C31B1685B06F40687BE9DAB573F5785319584550FA72D4AB130640AD14018241F0DC43624F0FFB4373C80C2864A949BAC964A33ED94BFDB59EB60F46D170614EB;PATH=/;MAX-AGE=900;SECURE;SAMESITE=None
strict-transport-security
max-age=15768000 ; preload
x-frame-options
ALLOW-FROM https://adobe.com/ ALLOW-FROM https://redcrossblood.org/
content-security-policy
frame-ancestors 'self' https://*.adobe.com;

Redirect headers

server
AkamaiGHost
content-length
0
location
/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
date
Mon, 21 Jun 2021 14:47:07 GMT
strict-transport-security
max-age=15768000 ; preload
x-frame-options
ALLOW-FROM https://adobe.com/ ALLOW-FROM https://redcrossblood.org/
content-security-policy
frame-ancestors 'self' https://*.adobe.com;
rcbblooddrive.min.cade0c048c099a5c66c08ee768b99b62.css
www.redcrossblood.org/etc/clientlibs/redcross/ 		36 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive.min.cade0c048c099a5c66c08ee768b99b62.css
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2be::35ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
a8ad2f79bd5239967f4249a13312ca11e0da3edc3ef4638578ba026fc39ab407
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.adobe.com;
Strict-Transport-Security max-age=15768000 ; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://adobe.com/ ALLOW-FROM https://redcrossblood.org/

Request headers

:path
/etc/clientlibs/redcross/rcbblooddrive.min.cade0c048c099a5c66c08ee768b99b62.css
pragma
no-cache
cookie
AWSELB=7D1377611C31B1685B06F40687BE9DAB573F5785319584550FA72D4AB130640AD14018241F0DC43624F0FFB4373C80C2864A949BAC964A33ED94BFDB59EB60F46D170614EB; AWSELBCORS=7D1377611C31B1685B06F40687BE9DAB573F5785319584550FA72D4AB130640AD14018241F0DC43624F0FFB4373C80C2864A949BAC964A33ED94BFDB59EB60F46D170614EB
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.redcrossblood.org
referer
https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-dispatcher
dispatcher2uswest1
date
Mon, 21 Jun 2021 14:47:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vhost
redcrossblood
vary
Accept-Encoding
content-length
17723
last-modified
Wed, 09 Jun 2021 17:51:42 GMT
server
Apache
x-frame-options
ALLOW-FROM https://adobe.com/ ALLOW-FROM https://redcrossblood.org/
etag
"910a-5c458ed5cc780-gzip"
strict-transport-security
max-age=15768000 ; preload
content-type
text/css;charset=utf-8
cache-control
max-age=70939
content-security-policy
frame-ancestors 'self' https://*.adobe.com;
accept-ranges
bytes
expires
Tue, 22 Jun 2021 10:29:26 GMT
new-relic-rcbbloodapp-prod.js
www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2be::35ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
82aa8d65d7e8a711d4e887349d5d9f7553a5dc355f40fa7d91e21a4f2de4e3ff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.adobe.com;
Strict-Transport-Security max-age=15768000 ; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://adobe.com/ ALLOW-FROM https://redcrossblood.org/

Request headers

:path
/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
pragma
no-cache
cookie
AWSELB=7D1377611C31B1685B06F40687BE9DAB573F5785319584550FA72D4AB130640AD14018241F0DC43624F0FFB4373C80C2864A949BAC964A33ED94BFDB59EB60F46D170614EB; AWSELBCORS=7D1377611C31B1685B06F40687BE9DAB573F5785319584550FA72D4AB130640AD14018241F0DC43624F0FFB4373C80C2864A949BAC964A33ED94BFDB59EB60F46D170614EB
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.redcrossblood.org
referer
https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-dispatcher
dispatcher2uswest1
date
Mon, 21 Jun 2021 14:47:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vhost
redcrossblood
content-disposition
attachment
vary
Accept-Encoding
content-length
9593
last-modified
Thu, 19 Nov 2020 19:51:00 GMT
server
Apache
x-frame-options
ALLOW-FROM https://adobe.com/ ALLOW-FROM https://redcrossblood.org/
etag
"6aa2-5b47b0c117100-gzip"
strict-transport-security
max-age=15768000 ; preload
content-type
application/javascript
cache-control
no-cache
content-security-policy
frame-ancestors 'self' https://*.adobe.com;
accept-ranges
bytes
expires
Mon, 21 Jun 2021 14:47:07 GMT
jquery.slim.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		68 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.slim.min.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2236449
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
21813
cf-request-id
0ad0a32c5c0000dffb55b95000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1111d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bpzW7URF2M5zMpo02t1kCuVA5T7t4hO47n1SQA9IUZnQADBJy9LoGyXhuxPjBOtouICDRmGkDecYB2aYyF144%2BjmODMXrOYQlljdgeWcYYXsRH6WMe749Xm4qaWp994Lr%2FzlajBoks0%2B50%2Fhsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
662e07c09b09dffb-FRA
expires
Sat, 11 Jun 2022 14:47:07 GMT
launch-a1e85d51a3d8.min.js
assets.adobedtm.com/16a36399704a/453d9ca51f91/ 		342 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/16a36399704a/453d9ca51f91/launch-a1e85d51a3d8.min.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b5::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
da1da051c341f4b635535bd9116ba74ed95299a9d3ee44f7c30fcae521271345

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:07 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 19:56:33 GMT
server
AkamaiNetStorage
etag
"fe538128ae780c030eae762fe0475713:1623182193.362571"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.redcrossblood.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Jun 2021 15:47:07 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Mon, 21 Jun 2021 14:47:07 GMT
x-host
s7.addthis.com
content-length
116325
rcbblooddrive.min.c8cb1895f8b7b44b249f8c24c2563b13.js
www.redcrossblood.org/etc/clientlibs/redcross/ 		4 MB
746 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive.min.c8cb1895f8b7b44b249f8c24c2563b13.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2be::35ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
5789f37825c5ab7a1c966e23c1923d9f4be2a7316d37dd5fcf8855693d90844c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.adobe.com;
Strict-Transport-Security max-age=15768000 ; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://adobe.com/ ALLOW-FROM https://redcrossblood.org/

Request headers

:path
/etc/clientlibs/redcross/rcbblooddrive.min.c8cb1895f8b7b44b249f8c24c2563b13.js
pragma
no-cache
cookie
AWSELB=7D1377611C31B1685B06F40687BE9DAB573F5785319584550FA72D4AB130640AD14018241F0DC43624F0FFB4373C80C2864A949BAC964A33ED94BFDB59EB60F46D170614EB; AWSELBCORS=7D1377611C31B1685B06F40687BE9DAB573F5785319584550FA72D4AB130640AD14018241F0DC43624F0FFB4373C80C2864A949BAC964A33ED94BFDB59EB60F46D170614EB
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.redcrossblood.org
referer
https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-dispatcher
dispatcher2uswest1
date
Mon, 21 Jun 2021 14:47:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vhost
redcrossblood
vary
Accept-Encoding
content-length
762241
last-modified
Wed, 16 Jun 2021 17:35:32 GMT
server
Apache
x-frame-options
ALLOW-FROM https://adobe.com/ ALLOW-FROM https://redcrossblood.org/
etag
"389619-5c4e5846f6100-gzip"
strict-transport-security
max-age=15768000 ; preload
content-type
application/javascript;charset=utf-8
cache-control
no-cache
content-security-policy
frame-ancestors 'self' https://*.adobe.com;
accept-ranges
bytes
expires
Mon, 21 Jun 2021 14:47:07 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6510
date
Mon, 21 Jun 2021 12:58:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Mon, 21 Jun 2021 14:58:37 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=723A22C757518E2C7F000101%40AdobeOrg&d_nsid=0&ts=1624286827760
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=723A22C757518E2C7F000101%40AdobeOrg&d_nsid=0&ts=1624286827760
2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=723A22C757518E2C7F000101%40AdobeOrg&d_nsid=0&ts=1624286827760
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.68.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-68-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a16a6d6e6c4cb06a54ce07bf3df17d65d882e18bf32c00e94c6c74a26fc6f334
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v009-0b62bd06e.edge-irl1.demdex.com 6.3.0.20210616085605
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
Nwr4r6LGQaY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.redcrossblood.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
897
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v009-04d413894.edge-irl1.demdex.com 6.3.0.20210616085605
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.redcrossblood.org
X-TID
yqF4P/r0TXs=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=723A22C757518E2C7F000101%40AdobeOrg&d_nsid=0&ts=1624286827760
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
EXbe5be52203d742aea945609b4b77d096-libraryCode_source.min.js
assets.adobedtm.com/16a36399704a/453d9ca51f91/66fdd0ed6c63/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/16a36399704a/453d9ca51f91/66fdd0ed6c63/EXbe5be52203d742aea945609b4b77d096-libraryCode_source.min.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b5::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c1b0fc3d1fed6d19e0119843994235fd8d69fb51da5dd8c3d37f669895fda2e3

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:07 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 19:56:34 GMT
server
AkamaiNetStorage
etag
"79f00db4d342be6a3179c3b4b66558c3:1623182194.177261"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.redcrossblood.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
24385
expires
Mon, 21 Jun 2021 15:47:07 GMT
js
www.googletagmanager.com/gtag/ 		84 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-4706068
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/16a36399704a/453d9ca51f91/launch-a1e85d51a3d8.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54db2bc10861b6793ba752f7f0135e131011db3f7d27f0596dae02bb6cacbe85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34229
x-xss-protection
0
last-modified
Mon, 21 Jun 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 21 Jun 2021 14:47:07 GMT
bat.js
bat.bing.com/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
last-modified
Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref
Ref A: A4940C941A824B8391F483934ADA63C2 Ref B: FRAEDGE1518 Ref C: 2021-06-21T14:47:07Z
etag
"0d2a696ff53d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9008
w.js
d10lpsik1i8c69.cloudfront.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f06150cd74f4090b6b1194c7fb227fda21f859229aa851169b8116e330ee160b

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:30:05 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:29:57 GMT
server
AmazonS3
age
1024
etag
W/"6f6cd12e9b9fb6a70e03f3fc2cae03a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
zK-5ULNR2KQ0sZOEo_NCihbpcWzofTYyxpSrnulId6z3DK7nY2yGXQ==
fbevents.js
connect.facebook.net/en_US/ 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24515
x-xss-protection
0
pragma
public
x-fb-debug
kQa0o1YZC5W76d+14ntQAdhTuNURzA3JqdgoRY6MdpDyTHgmgs3hRHD6xFeFplzrm5kiJbUQrg24gZBdrodt0A==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 21 Jun 2021 14:47:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
di.js
collection.decibelinsight.net/i/13946/330715/ 		170 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collection.decibelinsight.net/i/13946/330715/di.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.240.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-240-31.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ebe045d65a67156d04dac50d8fbb111ae4bcaa27a00ff0422bcf3d1d346f9ed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 21 Jun 2021 14:47:08 GMT
Content-Encoding
gzip
Vary
Origin
Server
nginx
ETag
W/000068254-17A2F0A16B7
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Cache-Control
private, max-age=7200
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
RC40e397a2217243669556bcf1f49ed37f-source.min.js
assets.adobedtm.com/16a36399704a/453d9ca51f91/66fdd0ed6c63/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/16a36399704a/453d9ca51f91/66fdd0ed6c63/RC40e397a2217243669556bcf1f49ed37f-source.min.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b5::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4b7a338a91055c334d338108139bfc34aa3ad30292231743a724554d858b3361

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:08 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 19:56:34 GMT
server
AkamaiNetStorage
etag
"79f00db4d342be6a3179c3b4b66558c3:1623182194.177261"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.redcrossblood.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
833
expires
Mon, 21 Jun 2021 15:47:08 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2120866487&t=pageview&_s=1&dl=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932&ul=en-us&de=UTF-8&dt=Schedule%20Your%20Blood%20Donation%20With%20The%20Red%20Cross&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAAC~&jid=1435177496&gjid=1656967825&cid=149401212.1624286828&tid=UA-2473523-6&_gid=762738777.1624286828&_r=1&_slc=1&z=1157127502
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Jun 2021 14:47:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.redcrossblood.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe_api
www.youtube.com/ 		980 B
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4d8fb34a348de04796d4c3345c6dd241140103619b8d2a5d915b6ec0574c7175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 21 Jun 2021 14:47:08 GMT
c.json
collection.decibelinsight.net/i/13946/330715/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://collection.decibelinsight.net/i/13946/330715/c.json
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.240.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-240-31.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
77bb873c878b5d6afbda3c4bdf3edef8ee233cbc8e414cc5b9a907a3fb3b1af6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 21 Jun 2021 14:47:08 GMT
Content-Encoding
gzip
Vary
Origin
Server
nginx
ETag
W/000068255-17A2F0A16F8
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.redcrossblood.org
Cache-Control
private, max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
36000116.js
bat.bing.com/p/action/ 		0
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/36000116.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 21 Jun 2021 14:47:07 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: DE531AB583254DEF95676D8A65A291B3 Ref B: FRAEDGE1518 Ref C: 2021-06-21T14:47:08Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/actionp/ 		0
117 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/actionp/0?ti=36000116&Ver=2&mid=1b9662af-b7f8-41b8-bde5-9a7393938f54&sid=8d99fbd0d29f11ebaabc25c4ad85d955&vid=8d9a5b20d29f11eb9cb71366ad287388&vids=1&evt=pageHide
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 21 Jun 2021 14:47:07 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 5918E47E1F8044B7AF5B5A570421D703 Ref B: FRAEDGE1518 Ref C: 2021-06-21T14:47:08Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=36000116&Ver=2&mid=1b9662af-b7f8-41b8-bde5-9a7393938f54&sid=8d99fbd0d29f11ebaabc25c4ad85d955&vid=8d9a5b20d29f11eb9cb71366ad287388&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Schedule%20Your%20Blood%20Donation%20With%20The%20Red%20Cross&p=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932&r=&lt=889&evt=pageLoad&msclkid=N&sv=1&rn=613416
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 21 Jun 2021 14:47:07 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 0FD424231EDA428A8354F04363014120 Ref B: FRAEDGE1518 Ref C: 2021-06-21T14:47:08Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=36000116&Ver=2&mid=44c29a64-cbc0-4fd1-9f55-52b221076b2c&sid=8d99fbd0d29f11ebaabc25c4ad85d955&vid=8d9a5b20d29f11eb9cb71366ad287388&vids=0&page_path=%2FTest_RCOBIO_2889&spa=Y&p=https%3A%2F%2Fwww.redcrossblood.org%2FTest_RCOBIO_2889&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Schedule%20Your%20Blood%20Donation%20With%20The%20Red%20Cross&r=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932&evt=pageLoad&msclkid=N&sv=1&rn=775070
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 21 Jun 2021 14:47:07 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 7366E0B1D0C340578ADAF287E6880AAC Ref B: FRAEDGE1518 Ref C: 2021-06-21T14:47:08Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:08 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=23187
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
dest5.html
redcross.demdex.net/ Frame 9EC6 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://redcross.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.186.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-186-105.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
redcross.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.redcrossblood.org/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=34525058901224509021141625986843304589
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.redcrossblood.org/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Mon, 21 Jun 2021 14:47:08 GMT
DCS
dcs-prod-irl1-1-v009-02c08a8e3.edge-irl1.demdex.com 6.3.0.20210616085605
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 16 Jun 2021 13:24:32 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
1plCnUf/Sp8=
Content-Length
2791
Connection
keep-alive
id
smetrics.redcross.org/ 		48 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.redcross.org/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=723A22C757518E2C7F000101%40AdobeOrg&mid=34199799939159900591101174873421055344&ts=1624286828288
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
8055e0c87a9da24257e26aeb52263c778cc936b45271f5f5201c134a21fc655f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 21 Jun 2021 14:47:08 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-797fdb56c6-t9xdl
vary
Origin
x-c
main-1488.Iee2041.M0-503
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.redcrossblood.org
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YNCmbAAAAMOtlSkN
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=34525058901224509021141625986843304589
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YNCmbAAAAMOtlSkN
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YNCmbAAAAMOtlSkN
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.68.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-68-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v009-0d8aad14a.edge-irl1.demdex.com 6.3.0.20210616085605
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sy74uZALTsA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YNCmbAAAAMOtlSkN
Date
Mon, 21 Jun 2021 14:47:08 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
json
theamericannationalr.tt.omtrdc.net/m2/theamericannationalr/mbox/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://theamericannationalr.tt.omtrdc.net/m2/theamericannationalr/mbox/json?mbox=target-global-mbox&mboxSession=4fe19d3225254cf7926508d7d03c4726&mboxPC=&mboxPage=5d81a02fa6c4402eb0ef2d3e3c0cf0ff&mboxRid=e6837f95eb3d4393b217cc2ff6ad934d&mboxVersion=1.8.2&mboxCount=1&mboxTime=1624294027815&mboxHost=www.redcrossblood.org&mboxURL=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&TO_BT=UNK&TO_AUTH=&mboxMCSDID=76D6BF14B800907B-124596090EB5F60B&vst.trk=metrics.redcross.org&vst.trks=smetrics.redcross.org&mboxMCGVID=34199799939159900591101174873421055344&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.166.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-166-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5536be2291aad3732822336d13f5c778a1b9fef41a3f31845800980c1948d7a9

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Jun 2021 14:47:08 GMT
content-encoding
gzip
timing-allow-origin
*
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
p3p
CP="NOI DSP CURa OUR STP COM"
access-control-allow-origin
https://www.redcrossblood.org
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
x-request-id
e6837f95eb3d4393b217cc2ff6ad934d
collect
stats.g.doubleclick.net/j/ 		1 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2473523-6&cid=149401212.1624286828&jid=1435177496&gjid=1656967825&_gid=762738777.1624286828&_u=YGBACAAABAAAAC~&z=676819518
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 21 Jun 2021 14:47:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.redcrossblood.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2...
4706068.fls.doubleclick.net/ Frame F826
Redirect Chain
  • https://4706068.fls.doubleclick.net/activityi;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html...
  • https://4706068.fls.doubleclick.net/activityi;dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2...
1 KB
913 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4706068.fls.doubleclick.net/activityi;dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4706068
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
67b3c9ae2940da6768f954b941963167c68d2be8d4ffe6ca3127ecc0c26ba284
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4706068.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.redcrossblood.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 21 Jun 2021 14:47:08 GMT
expires
Mon, 21 Jun 2021 14:47:08 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
888
x-xss-protection
0
set-cookie
IDE=AHWqTUn9rh56M4sWn-f-W1TOGXTaCfghVi56JNMDAlFHUvPHzK2uRNKsp4v6Dmiwhec; expires=Sat, 16-Jul-2022 14:47:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 21 Jun 2021 14:47:08 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://4706068.fls.doubleclick.net/activityi;dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activityi;register_conversion=1;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-resul...
4706068.fls.doubleclick.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4706068.fls.doubleclick.net/activityi;register_conversion=1;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932?
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
branch-latest.min.js
cdn.branch.io/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00ea178cbba5d3f907ab88426a2380ee06fc6267ea1e7e9815e4063fcdd8d8ac

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qarmcwXsLN.jA_Lr9PtDBnGJTnfPptaQ
content-encoding
gzip
last-modified
Mon, 24 May 2021 20:22:06 GMT
server
AmazonS3
age
230
etag
"611960e84a5f2287a232699af98b27d9"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Mon, 21 Jun 2021 14:43:19 GMT
x-amz-cf-pop
AMS1-C1
content-length
23842
x-amz-cf-id
yDq3_RrCgAtaeEsDuXno-qH9Eoiij4JmeycuB0VdsHBwinKbFdr2ow==
1731308323821672
connect.facebook.net/signals/config/ 		264 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1731308323821672?v=2.9.41&r=stable
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
80bcb09f88bf3e6e63287d5b5c3a4c1243ccef76779cbe7b733bc48de9a322f0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76860
x-xss-protection
0
pragma
public
x-fb-debug
GI+VjBk7NrIRIreJoT5R7KlJbFiCIKS+oT0TQQ3HVlzfWq1n5k0DEj326I2+KX7+FnO4y6go/VCZQGEtusTTew==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Mon, 21 Jun 2021 14:47:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/da9443d1/www-widgetapi.vflset/ 		126 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/da9443d1/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc8423792df51446c8596b5222cb3588cb3809dc5deb21f194442211f9bc94c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 12:54:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Jun 2021 00:17:45 GMT
server
sffe
age
6747
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42780
x-xss-protection
0
expires
Tue, 21 Jun 2022 12:54:41 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1731308323821672&ev=PageView&dl=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932&rl=&if=false&ts=1624286828420&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1624286828394.1581081598&it=1624286828342&coo=false&rqm=GET
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 21 Jun 2021 14:47:08 GMT
activityi;dc_pre=CKyrsvv7qPECFdPk1QodbRYNRA;src=4706068;type=rcopa0;cat=rconeADO;u6=34199799939159900591101174873421055344;ord=5459593348760.29
4706068.fls.doubleclick.net/ Frame D4CC
Redirect Chain
  • https://fls.doubleclick.net/activityi;src=4706068;type=rcopa0;cat=rconeADO;u6=34199799939159900591101174873421055344;ord=5459593348760.29?
  • https://4706068.fls.doubleclick.net/activityi;dc_pre=CKyrsvv7qPECFdPk1QodbRYNRA;src=4706068;type=rcopa0;cat=rconeADO;u6=34199799939159900591101174873421055344;ord=5459593348760.29?
379 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4706068.fls.doubleclick.net/activityi;dc_pre=CKyrsvv7qPECFdPk1QodbRYNRA;src=4706068;type=rcopa0;cat=rconeADO;u6=34199799939159900591101174873421055344;ord=5459593348760.29?
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
f3ccfe25d18f876421fde5f2ac833acc838a9d05fe46ca4cb0be0bdca7b2384a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4706068.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKyrsvv7qPECFdPk1QodbRYNRA;src=4706068;type=rcopa0;cat=rconeADO;u6=34199799939159900591101174873421055344;ord=5459593348760.29?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.redcrossblood.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.redcrossblood.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 21 Jun 2021 14:47:08 GMT
expires
Mon, 21 Jun 2021 14:47:08 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
319
x-xss-protection
0
set-cookie
IDE=AHWqTUlEd7rzrkUk7Rwd8kHZof0HNDEU7HfUSEZ4T6S96yEQARo0iQN1RKiFj7i1wOk; expires=Sat, 16-Jul-2022 14:47:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 21 Jun 2021 14:47:08 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
location
https://4706068.fls.doubleclick.net/activityi;dc_pre=CKyrsvv7qPECFdPk1QodbRYNRA;src=4706068;type=rcopa0;cat=rconeADO;u6=34199799939159900591101174873421055344;ord=5459593348760.29?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_r
app.link/ 		90 B
564 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.link/_r?sdk=web2.58.2&branch_key=key_live_mmHU3rrXl3U4GfMnF6H0sddfrzccH9ha&callback=branch_callback__0
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:ee00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty / Express
Resource Hash
e0fc04411a6bfc47efc9f0db5000b768aba4750db6b21ee81f036f4cbc3df781
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:08 GMT
via
1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
openresty
x-amz-cf-pop
AMS1-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
90
etag
W/"5a-+VMqvjTC5UmM1QbZZPOTNIGo6g8"
x-amz-cf-id
8588Eb0P2mVCxt49BxAGdjgEj3o8UPDxgmSPcXm8szH7DI5H1CRsKw==
webchat.js
chat.redcrossblood.org/ 		0
0
img
pixel.mathtag.com/event/ Frame F826 		43 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1319619&mt_adid=149608&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&ord=2075542736
Requested by
Host: 4706068.fls.doubleclick.net
URL: https://4706068.fls.doubleclick.net/activityi;dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3759 5f8f15b master zrh-pixel-x29 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://4706068.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 21 Jun 2021 14:47:08 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 21 Jun 2021 14:47:07 GMT
dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3D...
adservice.google.com/ddm/fls/z/ Frame F826 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932
Requested by
Host: 4706068.fls.doubleclick.net
URL: https://4706068.fls.doubleclick.net/activityi;dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4706068.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Jun 2021 14:47:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame F826 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 4706068.fls.doubleclick.net
URL: https://4706068.fls.doubleclick.net/activityi;dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://4706068.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24515
x-xss-protection
0
pragma
public
x-fb-debug
kQa0o1YZC5W76d+14ntQAdhTuNURzA3JqdgoRY6MdpDyTHgmgs3hRHD6xFeFplzrm5kiJbUQrg24gZBdrodt0A==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 21 Jun 2021 14:47:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
dc_pre=CKyrsvv7qPECFdPk1QodbRYNRA;src=4706068;type=rcopa0;cat=rconeADO;u6=34199799939159900591101174873421055344;ord=5459593348760.29
adservice.google.com/ddm/fls/z/ Frame D4CC 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKyrsvv7qPECFdPk1QodbRYNRA;src=4706068;type=rcopa0;cat=rconeADO;u6=34199799939159900591101174873421055344;ord=5459593348760.29
Requested by
Host: 4706068.fls.doubleclick.net
URL: https://4706068.fls.doubleclick.net/activityi;dc_pre=CKyrsvv7qPECFdPk1QodbRYNRA;src=4706068;type=rcopa0;cat=rconeADO;u6=34199799939159900591101174873421055344;ord=5459593348760.29?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4706068.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Jun 2021 14:47:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9EC6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WU5DbWJBQUFBTU90bFNrTg==
170 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WU5DbWJBQUFBTU90bFNrTg==
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://redcross.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Jun 2021 14:47:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Jun 2021 14:47:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1624286829.740970,VS0,VE0
x-served-by
cache-fra19168-FRA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WU5DbWJBQUFBTU90bFNrTg==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
1599953746963987
connect.facebook.net/signals/config/ Frame F826 		261 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1599953746963987?v=2.9.41&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c4b23c2de29340ff49872a9c5650583e5b94e7afa73fa88e11b109294ef81a3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://4706068.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76182
x-xss-protection
0
pragma
public
x-fb-debug
NlEXxr2GhOLxc5bJBjLu7XlpQfIxFf3VWJTJSMcxrc/WEt38N67Q2WfmBuEmfjoiq+Q9o9PduK/DbF2Cwtf85Q==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Mon, 21 Jun 2021 14:47:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
error
connect.facebook.net//log/ Frame F826 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://connect.facebook.net//log/error?p=pixel&v=2.9.41&e=Error%3A%20cookie%20not%20stored%20properly&s=Error%3A%20cookie%20not%20stored%20properly%0A%20%20%20%20at%20s%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F1599953746963987%3Fv%3D2.9.41%26r%3Dstable%3A25%3A5140)%0A%20%20%20%20at%20u%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F1599953746963987%3Fv%3D2.9.41%26r%3Dstable%3A25%3A5495)%0A%20%20%20%20at%20y%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F1599953746963987%3Fv%3D2.9.41%26r%3Dstable%3A25%3A6965)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F1599953746963987%3Fv%3D2.9.41%26r%3Dstable%3A25%3A7642)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A6282%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A67555)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A6209)%0A%20%20%20%20at%20pa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A9529)%0A%20%20%20%20at%20%24%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A10167)%0A%20%20%20%20at%20Function.Z%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A8946)&ue=0&rs=stable&rqm=FGET
Requested by
Host: 4706068.fls.doubleclick.net
URL: https://4706068.fls.doubleclick.net/activityi;dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4706068.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
www.facebook.com/tr/ Frame F826 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1599953746963987&ev=PageView&dl=https%3A%2F%2F4706068.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO7nrvv7qPECFZacUQod2y8OBQ%3Bsrc%3D4706068%3Btype%3Drcbnew%3Bcat%3Drcbne0%3Bord%3D5867842676823%3Bgtm%3D2od6g0%3Bauiddc%3D1106466818.1624286828%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.redcrossblood.org%252Fgive.html%252Fdrive-results%253FzipSponsor%253DAsynchrony%2526sd%253D030718%2526ed%253D060518%2526zipFormat%253Dfalse%2526_requestid%253D153932%3F&rl=https%3A%2F%2Fwww.redcrossblood.org%2F&if=true&ts=1624286828747&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&it=1624286828682&coo=false&rqm=GET
Requested by
Host: 4706068.fls.doubleclick.net
URL: https://4706068.fls.doubleclick.net/activityi;dc_pre=CO7nrvv7qPECFZacUQod2y8OBQ;src=4706068;type=rcbnew;cat=rcbne0;ord=5867842676823;gtm=2od6g0;auiddc=1106466818.1624286828;ps=1;~oref=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://4706068.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 21 Jun 2021 14:47:08 GMT
tap.php
pixel.rubiconproject.com/ Frame 9EC6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YNCmbAAAAMOtlSkN&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YNCmbAAAAMOtlSkN&expires=90
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://redcross.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 21 Jun 2021 14:47:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1624286829.788044,VS0,VE0
x-served-by
cache-fra19168-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YNCmbAAAAMOtlSkN&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
open
api2.branch.io/v1/ 		275 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/open
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
16b295cf976655c0917761edad233be0c48631277354da217f7511ef0fc72780

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 21 Jun 2021 14:47:09 GMT
via
1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
fd5e486a14314ddab3883c9b14193eb6-2021062114
content-length
275
x-amz-cf-id
OkYaAapYjKGbNcv4lY2IkUZSTo8k6Vczy_qWHs0erSmN6qmvpBYW1w==
rum
dsum-sec.casalemedia.com/ Frame 9EC6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YNCmbAAAAMOtlSkN
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YNCmbAAAAMOtlSkN&C=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YNCmbAAAAMOtlSkN&C=1
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://redcross.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Jun 2021 14:47:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 21 Jun 2021 14:47:09 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 21 Jun 2021 14:47:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YNCmbAAAAMOtlSkN&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Mon, 21 Jun 2021 14:47:09 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1731308323821672&ev=Microdata&dl=https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%2Fdrive-results%3FzipSponsor%3DAsynchrony%26sd%3D030718%26ed%3D060518%26zipFormat%3Dfalse%26_requestid%3D153932&rl=&if=false&ts=1624286828923&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Schedule%20Your%20Blood%20Donation%20With%20The%20Red%20Cross%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.redcrossblood.org%2Fgive.html%22%2C%22og%3Atitle%22%3A%22Schedule%20Your%20Blood%20Donation%20With%20The%20Red%20Cross%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.redcross.org%2Fcontent%2Fdam%2Fredcrossblood%2Fsocial-media-images%2FFB_Donor_Image1.jpg%22%2C%22og%3Asite%22%3A%22American%20Red%20Cross%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.41&r=stable&ec=1&o=30&fbp=fb.1.1624286828394.1581081598&it=1624286828342&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 21 Jun 2021 14:47:08 GMT
bounce
ib.adnxs.com/ Frame 9EC6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YNCmbAAAAMOtlSkN
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYNCmbAAAAMOtlSkN
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYNCmbAAAAMOtlSkN
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://redcross.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Jun 2021 14:47:09 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.150:80
AN-X-Request-Uuid
7709d804-6a5b-4251-9acb-f1a3a3293e02
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 21 Jun 2021 14:47:09 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.243:80
AN-X-Request-Uuid
d759aa6d-e97f-49a1-a4e5-26e30ea81add
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYNCmbAAAAMOtlSkN
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9EC6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YNCmbAAAAMOtlSkN
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YNCmbAAAAMOtlSkN
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YNCmbAAAAMOtlSkN
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://redcross.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Jun 2021 14:47:09 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YNCmbAAAAMOtlSkN
date
Mon, 21 Jun 2021 14:47:09 GMT
via
1.1 google
server
OXGW/16.209.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame 9EC6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNCmbAAAAMOtlSkN
1 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNCmbAAAAMOtlSkN
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://redcross.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:09 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:423
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 21 Jun 2021 14:47:09 GMT
via
1.1 varnish
server
Varnish
x-timer
S1624286829.194941,VS0,VE0
x-served-by
cache-fra19168-FRA
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNCmbAAAAMOtlSkN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pageview
api2.branch.io/v1/ 		28 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 21 Jun 2021 14:47:09 GMT
via
1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
637dc1d214944915884eada4cdb20d21-2021062114
content-length
28
x-amz-cf-id
KN6Z5A4il0cgCQfrpJPdfPZVxUZy0S2iNituTdq8tpYlxKS5stZIYw==
partner
sync.search.spotxchange.com/ Frame 9EC6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YNCmbAAAAMOtlSkN&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YNCmbAAAAMOtlSkN&img=1&__user_check__=1&sync_id=8e57c1c8-d29f-11eb-8a5b-19b4ac340106
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YNCmbAAAAMOtlSkN&img=1&__user_check__=1&sync_id=8e57c1c8-d29f-11eb-8a5b-19b4ac340106
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://redcross.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 21 Jun 2021 14:47:09 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
132
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 21 Jun 2021 14:47:09 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YNCmbAAAAMOtlSkN&img=1&__user_check__=1&sync_id=8e57c1c8-d29f-11eb-8a5b-19b4ac340106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
89
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 9EC6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YNCmbAAAAMOtlSkN&t=2592000&o=0
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YNCmbAAAAMOtlSkN&t=2592000&o=0
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcross.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 07:47:09 PDT
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
Pi9wUPGJg8+X2JENc/XDOvxeo0eH+TN26M6E8md2JqjtcrNOa8MZt0yFDZOVGhfYEAap2HZGHFoQbcEQaAFukQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Mon, 21 Jun 2021 07:47:09 PDT

Redirect headers

pragma
no-cache
date
Mon, 21 Jun 2021 14:47:09 GMT
via
1.1 varnish
server
Varnish
x-timer
S1624286829.396791,VS0,VE0
x-served-by
cache-fra19168-FRA
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YNCmbAAAAMOtlSkN&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
www.facebook.com/tr/ Frame F826 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1599953746963987&ev=Microdata&dl=https%3A%2F%2F4706068.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO7nrvv7qPECFZacUQod2y8OBQ%3Bsrc%3D4706068%3Btype%3Drcbnew%3Bcat%3Drcbne0%3Bord%3D5867842676823%3Bgtm%3D2od6g0%3Bauiddc%3D1106466818.1624286828%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.redcrossblood.org%252Fgive.html%252Fdrive-results%253FzipSponsor%253DAsynchrony%2526sd%253D030718%2526ed%253D060518%2526zipFormat%253Dfalse%2526_requestid%253D153932%3F&rl=https%3A%2F%2Fwww.redcrossblood.org%2F&if=true&ts=1624286830250&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.41&r=stable&ec=1&o=30&it=1624286828682&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/give.html/drive-results?zipSponsor=Asynchrony&sd=030718&ed=060518&zipFormat=false&_requestid=153932
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://4706068.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 21 Jun 2021 14:47:10 GMT
nr-spa-1184.min.js
js-agent.newrelic.com/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1184.min.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"6b93dbf34696df852c6d69d1652851de"
x-amz-request-id
AW09G7T4W31XMRXN
x-cache
HIT
content-length
14379
x-amz-id-2
ju6NkJ0Dd9WZJgzB+hP3w6s/jskm86NIzfdcFFxW6ED98FruT/93muoHN2gxUUCzLMTt2Tz/grs=
x-served-by
cache-hhn4081-HHN
last-modified
Mon, 28 Sep 2020 16:34:47 GMT
server
AmazonS3
x-timer
S1624286853.781868,VS0,VE0
date
Mon, 21 Jun 2021 14:47:32 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
610
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5e57f278d51ec8f1/ 		2 KB
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-5e57f278d51ec8f1/_ate.track.config_resp
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e50d099437ed37e306cd1a342f3d7f8faf0b9a60c71deb11807b322ac09ed236

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 14:47:32 GMT
content-encoding
gzip
etag
-1308072094--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=45, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
636
c.json
collection.decibelinsight.net/i/13946/330715/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://collection.decibelinsight.net/i/13946/330715/c.json
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.240.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-240-31.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
80a3aed9b3ea5924039964ab1bec1cde1152d8ed6f2b1ac2e74ef900ee7462b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 21 Jun 2021 14:47:32 GMT
Content-Encoding
gzip
Vary
Origin
Server
nginx
ETag
W/000068430-17A2F0A7690
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.redcrossblood.org
Cache-Control
private, max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
20e6e07576
bam.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/20e6e07576?a=94805257&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=25652&ck=1&ref=https://www.redcrossblood.org/give.html/drive-results&be=469&fe=25559&dc=889&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1624286827160,%22n%22:0,%22r%22:0,%22re%22:146,%22f%22:146,%22dn%22:146,%22dne%22:146,%22c%22:146,%22ce%22:146,%22rq%22:147,%22rp%22:436,%22rpe%22:437,%22dl%22:443,%22di%22:887,%22ds%22:887,%22de%22:889,%22dc%22:25559,%22l%22:25559,%22le%22:25572%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&jsonp=NREUM.setToken
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 21 Jun 2021 14:47:32 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
20e6e07576
bam.nr-data.net/events/1/ 		24 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/20e6e07576?a=94805257&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=28391&ck=1&ref=https://www.redcrossblood.org/give.html/drive-results
Requested by
Host: www.redcrossblood.org
URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.redcrossblood.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.redcrossblood.org
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
chat.redcrossblood.org
URL
https://chat.redcrossblood.org/webchat.js?profile=blood

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| _satellite boolean| __satelliteLoaded string| GoogleAnalyticsObject function| ga object| adobe function| Visitor object| s_c_il number| s_c_in function| gtag object| dataLayer object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| uetq object| digitalData function| webpackJsonp object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| IntlPolyfill object| lscache object| __zone_symbol__loadfalse object| __zone_symbol__ON_PROPERTYmessage object| __zone_symbol__messagefalse function| setImmediate function| clearImmediate function| swal function| sweetAlert function| tmpl number| __lo_site_id function| wcb_insertChatScript function| fbq function| _fbq object| _da_ function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse string| DecibelInsight function| decibelInsight object| el object| it object| __zone_symbol__popstatefalse object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| s_getLoadTime function| createCookie function| eraseCookie function| getMID function| s_doPlugins function| getCookie function| getParameters function| lastcomponentload function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s object| tag object| firstScriptTag string| scURLr string| scURLs string| scGNR object| pageTemp object| cookie undefined| marketingCloudID number| s_loadT function| s_visIdFloodlight function| s_dfaCall string| scGNRv function| scSearch function| UET function| UET_init function| UET_push object| __zone_symbol__pageshowfalse object| __zone_symbol__pagehidefalse object| google_tag_manager function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis function| __zone_symbol__ON_PROPERTYload string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf object| __zone_symbol__scrollfalse object| __zone_symbol__resizefalse function| addthis_open function| addthis_close function| addthis_sendto number| s_objectID object| branch object| __zone_symbol__unloadfalse object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| _di_max_id object| _da_crcTable boolean| __@@##MUH undefined| scTP number| d object| eo number| y string| scGVN string| f0 string| scDSLV object| dvi string| dfaUrl object| __zone_symbol__testfalse object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey function| checkLogin function| getFromProfileTO function| to_cookiereset undefined| cookiepagecheck undefined| waitForElementToDisplayCookie function| get_cookie function| waitForElementToDisplayMask object| s_Obj string| s_PPVid function| s_PPVevent object| __zone_symbol__zoomfalse object| __zone_symbol__keyupfalse object| __zone_symbol__mouseupfalse object| __zone_symbol__touchendfalse object| __zone_symbol__orientationchangefalse object| __zone_symbol__panfalse number| s_PPVi number| s_PPVt object| addthis_config object| addthis_share boolean| decibelInsight_initiated object| __zone_symbol__beforeunloadfalse boolean| adobe_event_bound object| __zone_symbol__blurfalse object| __zone_symbol__focusfalse object| di_cloneId object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

4 Cookies

Domain/Path Name / Value
www.redcrossblood.org/ Name: __atuvc
Value: 1%7C25
.redcrossblood.org/ Name: s_ppv
Value: rcb%253Agive%253Adrive-results%2C100%2C100%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
www.redcrossblood.org/ Name: __atuvs
Value: 60d0a66c369cd7f3000
.redcrossblood.org/ Name: s_ppvl
Value: %5B%5BB%5D%5D

2 Console Messages

Source Level URL
Text
console-api warning URL: https://assets.adobedtm.com/16a36399704a/453d9ca51f91/launch-a1e85d51a3d8.min.js(Line 8)
Message:
AT: Failed actions [object Object]
console-api error URL: https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive.min.c8cb1895f8b7b44b249f8c24c2563b13.js(Line 226)
Message:
Unhandled Promise rejection: Cannot read property 'removeItem' of null ; Zone: <root> ; Task: Promise.then ; Value: TypeError: Cannot read property 'removeItem' of null TypeError: Cannot read property 'removeItem' of null at AppMeasurement.s_doPlugins [as doPlugins] (https://assets.adobedtm.com/16a36399704a/453d9ca51f91/66fdd0ed6c63/EXbe5be52203d742aea945609b4b77d096-libraryCode_source.min.js:2:11335) at AppMeasurement.p.Fa (https://assets.adobedtm.com/16a36399704a/453d9ca51f91/66fdd0ed6c63/EXbe5be52203d742aea945609b4b77d096-libraryCode_source.min.js:3:4492) at AppMeasurement.p.t.p.track (https://assets.adobedtm.com/16a36399704a/453d9ca51f91/66fdd0ed6c63/EXbe5be52203d742aea945609b4b77d096-libraryCode_source.min.js:3:5308) at s (https://assets.adobedtm.com/16a36399704a/453d9ca51f91/launch-a1e85d51a3d8.min.js:5:21284) at https://assets.adobedtm.com/16a36399704a/453d9ca51f91/launch-a1e85d51a3d8.min.js:5:21531 at a.invoke (https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive.min.c8cb1895f8b7b44b249f8c24c2563b13.js:215:502) at b.run (https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive.min.c8cb1895f8b7b44b249f8c24c2563b13.js:206:270) at https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive.min.c8cb1895f8b7b44b249f8c24c2563b13.js:225:484 at a.invokeTask (https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive.min.c8cb1895f8b7b44b249f8c24c2563b13.js:217:166) at b.runTask (https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive.min.c8cb1895f8b7b44b249f8c24c2563b13.js:207:424) at d (https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive.min.c8cb1895f8b7b44b249f8c24c2563b13.js:202:58) at nrWrapper (https://www.redcrossblood.org/etc/clientlibs/redcross/rcbblooddrive/new-relic/new-relic-rcbbloodapp-prod.js:2:26220)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://*.adobe.com;
Strict-Transport-Security max-age=15768000 ; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://adobe.com/ ALLOW-FROM https://redcrossblood.org/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4706068.fls.doubleclick.net
adservice.google.com
api2.branch.io
app.link
assets.adobedtm.com
bam.nr-data.net
bat.bing.com
cdn.branch.io
cdnjs.cloudflare.com
chat.redcrossblood.org
cm.everesttech.net
cm.g.doubleclick.net
collection.decibelinsight.net
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
fls.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
js-agent.newrelic.com
pixel.mathtag.com
pixel.rubiconproject.com
redcross.demdex.net
s7.addthis.com
smetrics.redcross.org
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
theamericannationalr.tt.omtrdc.net
us-u.openx.net
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.redcrossblood.org
www.youtube.com
z.moatads.com
chat.redcrossblood.org
142.250.185.130
142.250.186.38
15.236.176.210
151.101.114.110
151.101.14.49
162.247.242.20
18.198.240.31
184.30.24.121
185.64.190.80
185.94.180.125
2.18.233.201
2.18.234.21
2.18.235.40
2600:9000:2104:1600:11:f728:3040:93a1
2600:9000:2104:ee00:19:9934:6a80:93a1
2606:4700::6810:135e
2620:1ec:c11::200
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:827::200e
2a00:1450:4001:828::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c04::9b
2a02:26f0:6c00:2b5::1e80
2a02:26f0:6c00:2be::35ce
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.252.166.160
35.244.159.8
37.252.172.36
52.19.186.105
52.31.68.29
54.194.191.134
65.9.77.104
65.9.84.70
69.173.144.139
00ea178cbba5d3f907ab88426a2380ee06fc6267ea1e7e9815e4063fcdd8d8ac
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16b295cf976655c0917761edad233be0c48631277354da217f7511ef0fc72780
2c4b23c2de29340ff49872a9c5650583e5b94e7afa73fa88e11b109294ef81a3
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7a338a91055c334d338108139bfc34aa3ad30292231743a724554d858b3361
4d8fb34a348de04796d4c3345c6dd241140103619b8d2a5d915b6ec0574c7175
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54db2bc10861b6793ba752f7f0135e131011db3f7d27f0596dae02bb6cacbe85
5536be2291aad3732822336d13f5c778a1b9fef41a3f31845800980c1948d7a9
5789f37825c5ab7a1c966e23c1923d9f4be2a7316d37dd5fcf8855693d90844c
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
67b3c9ae2940da6768f954b941963167c68d2be8d4ffe6ca3127ecc0c26ba284
6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1
77bb873c878b5d6afbda3c4bdf3edef8ee233cbc8e414cc5b9a907a3fb3b1af6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8055e0c87a9da24257e26aeb52263c778cc936b45271f5f5201c134a21fc655f
80a3aed9b3ea5924039964ab1bec1cde1152d8ed6f2b1ac2e74ef900ee7462b6
80bcb09f88bf3e6e63287d5b5c3a4c1243ccef76779cbe7b733bc48de9a322f0
82aa8d65d7e8a711d4e887349d5d9f7553a5dc355f40fa7d91e21a4f2de4e3ff
a16a6d6e6c4cb06a54ce07bf3df17d65d882e18bf32c00e94c6c74a26fc6f334
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a8ad2f79bd5239967f4249a13312ca11e0da3edc3ef4638578ba026fc39ab407
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c1b0fc3d1fed6d19e0119843994235fd8d69fb51da5dd8c3d37f669895fda2e3
da1da051c341f4b635535bd9116ba74ed95299a9d3ee44f7c30fcae521271345
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e0fc04411a6bfc47efc9f0db5000b768aba4750db6b21ee81f036f4cbc3df781
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50d099437ed37e306cd1a342f3d7f8faf0b9a60c71deb11807b322ac09ed236
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ebe045d65a67156d04dac50d8fbb111ae4bcaa27a00ff0422bcf3d1d346f9ed4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06150cd74f4090b6b1194c7fb227fda21f859229aa851169b8116e330ee160b
f3ccfe25d18f876421fde5f2ac833acc838a9d05fe46ca4cb0be0bdca7b2384a
f46f289115650120d8e0f2b31c4ae3c9b6af900778d910a83fb91d13aa4c2c9b
fc8423792df51446c8596b5222cb3588cb3809dc5deb21f194442211f9bc94c8