secure.pva.org Open in urlscan Pro
151.101.194.130 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_c...
Submission: On November 24 via api (November 24th 2022, 12:14:38 pm UTC) from DO — Scanned from DE

Summary HTTP 90 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 24 domains to perform 90 HTTP transactions. The main IP is 151.101.194.130, located in United States and belongs to FASTLY, US. The main domain is secure.pva.org. The Cisco Umbrella rank of the primary domain is 447916.
TLS certificate: Issued by R3 on October 26th 2022. Valid for: 3 months.

This is the only time secure.pva.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	151.101.194.130 151.101.194.130	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.69.84.146 54.69.84.146	16509 (AMAZON-02) (AMAZON-02)
1	13.225.85.149 13.225.85.149	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	13.32.27.106 13.32.27.106	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.31 99.86.4.31	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	34.243.232.139 34.243.232.139	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	44.233.136.7 44.233.136.7	16509 (AMAZON-02) (AMAZON-02)
1	44.238.130.186 44.238.130.186	16509 (AMAZON-02) (AMAZON-02)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
90	32

27 151.101.194.130 (United States)

ASN54113 (FASTLY, US)

secure.pva.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pva.gospringboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

10339774.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.84.146 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-84-146.us-west-2.compute.amazonaws.com

dx.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.85.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-149.fra2.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-106.fra56.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-31.fra6.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.243.232.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-232-139.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.233.136.7 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-136-7.us-west-2.compute.amazonaws.com

px.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.130.186 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-130-186.us-west-2.compute.amazonaws.com

ww.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	pva.org secure.pva.org — Cisco Umbrella Rank: 447916	612 KB
13	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1726 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3898 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3821 tracking.crazyegg.com — Cisco Umbrella Rank: 3789	71 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	263 B
4	steelhousemedia.com dx.steelhousemedia.com — Cisco Umbrella Rank: 9924 px.steelhousemedia.com — Cisco Umbrella Rank: 7182 ww.steelhousemedia.com — Cisco Umbrella Rank: 18953	9 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	280 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 10339774.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 94	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 40 region1.google-analytics.com — Cisco Umbrella Rank: 2118	63 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 83	1 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1343 match.adsrvr.org — Cisco Umbrella Rank: 307 insight.adsrvr.org — Cisco Umbrella Rank: 576	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 354	12 KB
3	gstatic.com fonts.gstatic.com	117 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 67	161 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 52	2 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 944	85 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3627	881 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2253	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2237	20 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3436	3 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5405	501 B
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2793	548 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2413	876 B
1	gospringboard.com pva.gospringboard.com	15 KB
0	Failed function sub() { [native code] }. Failed
0	mimecast.com Failed protect-us.mimecast.com — Cisco Umbrella Rank: 6946 Failed
90	24

	Domain	Requested by
26	secure.pva.org	secure.pva.org
6	www.facebook.com	secure.pva.org
6	script.crazyegg.com	secure.pva.org script.crazyegg.com
5	tracking.crazyegg.com	script.crazyegg.com
4	connect.facebook.net	secure.pva.org connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com secure.pva.org
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
2	px.steelhousemedia.com	dx.steelhousemedia.com secure.pva.org
2	www.google.com	secure.pva.org
2	10339774.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	secure.pva.org www.googletagmanager.com
2	fonts.googleapis.com	secure.pva.org
2	use.fontawesome.com	secure.pva.org use.fontawesome.com
1	insight.adsrvr.org	secure.pva.org
1	match.adsrvr.org	secure.pva.org
1	ww.steelhousemedia.com	secure.pva.org
1	api.hubapi.com	js.hsadspixel.net
1	adservice.google.com	10339774.fls.doubleclick.net
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	www.google.de	secure.pva.org
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.co.uk	secure.pva.org
1	js.adsrvr.org	www.googletagmanager.com
1	dx.steelhousemedia.com	secure.pva.org
1	js.hs-scripts.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	pva.gospringboard.com	secure.pva.org
0	44.228.85.26 Failed	dx.steelhousemedia.com
0	protect-us.mimecast.com Failed	secure.pva.org
90	35

This site contains links to these domains. Also see Links.

Domain
www.charitynavigator.org
www.accessibility.com
greatnonprofits.org
www.guidestar.org

Subject Issuer	Validity	Valid
secure.pva.org R3	`2022-10-26` - `2023-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gospringboard.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-07` - `2023-04-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-02` - `2022-12-01`	3 months	crt.sh
*.steelhousemedia.com Go Daddy Secure Certificate Authority - G2	`2022-05-17` - `2023-06-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
crazyegg.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
Frame ID: FE2DA214E42ADB884EB79E443556AAA6
Requests: 86 HTTP requests in this frame

Frame: https://10339774.fls.doubleclick.net/activityi;dc_pre=CPDVt8jlxvsCFUlFHgIdmt0Kog;src=10339774;type=drtvl0;cat=drtvl0;ord=8846063018404;gtm=2wgb90;auiddc=1546727395.1669292073;~oref=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU
Frame ID: C2C59004E1229F776A2051E3BD1872E4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PVA Hero | Paralyzed Veterans of America

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

90
Requests

96 %
HTTPS

68 %
IPv6

24
Domains

35
Subdomains

32
IPs

4
Countries

1475 kB
Transfer

3523 kB
Size

23
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.charitynavigator.org/ein/131946868

Search URL Search Domain Scan URL

URL: https://www.accessibility.com/org-spotlight/nonprofit/paralyzed-veterans-of-america

Search URL Search Domain Scan URL

URL: https://greatnonprofits.org/org/paralyzed-veterans-of-america-2?sm_guid=MjY3MjY1fDIzMTU2NDk5fC0xfHN0ZXBoLnZhbmRlcnZlZW5AYmFydG9uY290dG9uLmNvbXwyMDU2NzQzfHwwfDB8NjA1MTI1MTh8OTI5fDB8MHx8MjMzMzYz0

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/13-1946868?sm_guid=MjY3MjY1fDIzMTU2NDk5fC0xfHN0ZXBoLnZhbmRlcnZlZW5AYmFydG9uY290dG9uLmNvbXwyMDU2NzQzfHwwfDB8NjA1MTI1MTh8OTI5fDB8MHx8MjMzMzYz0

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://protect-us.mimecast.com/s/IkrLCVOKrvTND8PTyUQJK HTTP 307
https://protect-us.mimecast.com/r/2JXuwd21Q77n6ziIyq_mwrUxGK8Z6bC_zEtibge8R9PQ2iIumLDRrR6cv0GnTdXlqTiYpllfXMPAcZGko6-q0fsM4hr2ijzNIUjs6fWshJxxo7AWgX3aZp-CgcePaiqV3SPGoSDPpj2XcbJlZ7lWyDrGTdsgvyEjwhOML4GroX7DUXPAaOqjSj0dVs2R5n0ORkLZbsmFCUU0g1r9FeJgYbmi-DQfPzpl93IexEKrsAYeEkmpzid8If49HRseU0pdKzoBCbw-vacbP0xBb8lHDgCK33F6MXqOw0PSJByl2ZZwZmhiogo77BT4AmCHPFQRCov_M2h5M4pLTmYJjsVyptJkFrCD8g32-rjQHiO8YG-_D3EzgMmLuM7kosn0hbc1zrBsByWHHaXEBp6IRM1xTPfwpLXqQQLMttpPlQxfmf-qH24COdOtkr6tNN8K7q875gv4uimEdu7a8-iq54bfnSn0tNDVg4QPh5vA_NjKdx_QCyjgo2KZ98s9TyOpLkIBEEw8lzq-O75XdhyNF5HYUB1ssuK7uGrURCpZP9kZGZ4BDea6LPXHrl1jCSGaga6z9BFs7PYYZhBl9jUZ19yWqhu6Vsv2kedXOCsIsbJtOllBNS4L2FMJHIbs0JmzMp9txfHGom3voKHXkRrurT_s4IwtNpLRNvBB6w3ikeR0RS6HJv6QH6wjwciEZ5UO8ti4bAF_lWYOLVEz1sx2JiNpm5iIaXamsEGGqAn7-t-sss40083eP_P9wZyxXaSLb-YspQeJAqR_1iT_mMBlDzInU_K4a0Fto5CkTxK4SIDHNmCnPoiTggScN2PumybPLBZgWi-di4B8DCBOxb6Txk-6p5z6BRpj9H8YMELujMIWDtF8F6u1IBbgILi-9ee_80hie44vHvpIYU1NMnLUphes5eGS7T19NDfuyPKLC_R-1JzQDusNWZTOdZN9KfGTy9m7aR6d3YFA8k1MJ10yoXhrjFgRSu8PkOEPdwCCud1Qy3dzcn6AgQU22aRDDdq6RNorWtrsQUkIoNwLScBeBV7uFj5Cp_DvbfYW7M5QlwssSCGpYtXqflz5_VtdYVpqG_fIz4sneQ7fmebn4oRWdlwuBTfOJ7Cf05RjnoIK9gmQtZZE8jAFrc003XKKdWE-sGkPhCBq-gj3igVi870v2-RZ7Uu_GAOhM20dPjjJfKo0Mhp8i_cYzZ4xbWmHMLLTewpYw6yfTjTpmuejPQYV03HkR0K91WLalhozQ51_DtzPS7RlCu11N3sVA99SUeK-9ll9O5ZtTFkstoN5rhNtbaPHUcinGPBUQyhtzSts0mPJQGJwCrylzdix5_NgKIGP0Xav_79L1p-_QZhjALAnV5aEXlHIwewjA9zrZ5ZmPK6u0uwBztm2OrunhgaeBbtcO55d05vUDLQMwzi0EaIkbhpvkuoiiFWuMU2a17EdSUJEH81F5IqsDmeKsPtKXnsCbUKY-JuIUf2II9tj-OfQY3hIk9J84mGJsqxCU0Rbj4Vk_H-qyWI-O-UcYujwclhg_Xe70fK5F16hlLYVA2RROkv4Y2jRAfyu5J47YO1H6BNhRqQBrI1INygwHxnRMEMAr8ojxoKT6Z_NG1WQ-Jv6zjuF_amvfR80aN0oOIKrM4vr2BUZchOKsoWPZ0p8DjEIcrJb6hWzo9AEFTMb2uKn6yJ5gJo7oIoXzFKCMRUwWCQ2ru5RGHbN2JDcljSJioyRB0eTc2J3LQeCEyQFPaCgbU2eY4IUKdc0INCYelOft2-7vrAvL59HKm-aLX5WKMuOnbfXUZF0FPh_cZiKEKMvaOT9OWznHMmpchn8LCqZSgLoXUV1Alq7rWBI2uSJqpRNXo60zjlT9bEnE8nm47q_bMD9ASia_OH5Pzkz4JTU3Jhc0ZLW-jCxSDxXkPDvW9hIvCWPSQ86QJTmiN_4VJkSoBqO7yJYOs5G4nzBb9xAz4KzggGTSTucgo9eg-pcx7sULAO9Wq-FeasvzhFGgu6C6UNE-tMP7sbRPKiIHK9VVqFJRxgKSBHFy6ic2vk621xj-sirUWsThNMfSE_TxYg9ZhC-Fg

Request Chain 42

https://10339774.fls.doubleclick.net/activityi;src=10339774;type=drtvl0;cat=drtvl0;ord=8846063018404;gtm=2wgb90;auiddc=1546727395.1669292073;~oref=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU HTTP 302
https://10339774.fls.doubleclick.net/activityi;dc_pre=CPDVt8jlxvsCFUlFHgIdmt0Kog;src=10339774;type=drtvl0;cat=drtvl0;ord=8846063018404;gtm=2wgb90;auiddc=1546727395.1669292073;~oref=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pva-hero Show response
secure.pva.org/pva/ 81 KB
15 KB 1049ms
782ms Document
text/html 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

aac1d59d963b1f540843980147a017ff03418f67fce50d60ac37ce81996fe84c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=3600
content-encoding: gzip
content-language: en
content-length: 15303
content-type: text/html; charset=utf-8
date: Thu, 24 Nov 2022 12:14:32 GMT
etag: "1669292071-1"
expires: Sun, 19 Nov 1978 05:00:00 GMT
fastly-restarts: 1
last-modified: Thu, 24 Nov 2022 12:14:31 GMT
link: </PVA/pva-hero>; rel="canonical",</node/445>; rel="shortlink"
permissions-policy: interest-cohort=()
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Cookie,Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff nosniff
x-served-by: cache-hhn4055-HHN
x-timer: S1669292072.514839,VS0,VE775

GET
H2 200 1800.js Show response
script.crazyegg.com/pages/scripts/0093/ 6 KB
2 KB 68ms
24ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0093/1800.js
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e18e53c226d26c31147ddfb96a849f7b9d9fe6ed2d74f1ddda01476af47c5b63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:32 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 30166
cf-polished: origSize=6088
ce-version: 11.5.3
cf-bgj: minify
last-modified: Thu, 24 Nov 2022 03:51:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 76f2109c4dc4902a-FRA

GET
H2 200 css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
secure.pva.org/files/pva/css/ 7 KB
2 KB 467ms
462ms Stylesheet
text/css 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 12:14:32 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 2217
x-served-by: cache-hhn4055-HHN
last-modified: Fri, 14 Oct 2022 18:04:27 GMT
server: Apache
x-timer: S1669292072.325586,VS0,VE451
etag: "8a9-5eb0274eb58e0"
vary: Accept-encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 css_VdQEpy6ctE2GyA3blL8-bAWbim_Anz6ruM1KRlHPMXw.css
secure.pva.org/files/pva/css/ 3 KB
1 KB 486ms
481ms Stylesheet
text/css 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/css/css_VdQEpy6ctE2GyA3blL8-bAWbim_Anz6ruM1KRlHPMXw.css

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

55d404a72e9cb44d86c80ddb94bf3e6c059b8a6fc09f3eabb8cd4a4651cf317c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 12:14:32 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 1050
x-served-by: cache-hhn4055-HHN
last-modified: Fri, 14 Oct 2022 18:04:27 GMT
server: Apache
x-timer: S1669292072.325567,VS0,VE452
etag: "41a-5eb0274ece750"
vary: Accept-encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 css_dd8VjWMcmnzAMH8Rx9AqFa5qrBHqu2amiJx0ajnTIqs.css
secure.pva.org/files/pva/css/ 212 KB
34 KB 547ms
542ms Stylesheet
text/css 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/css/css_dd8VjWMcmnzAMH8Rx9AqFa5qrBHqu2amiJx0ajnTIqs.css

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

75df158d631c9a7cc0307f11c7d02a15ae6aac11eabb66a6889c746a39d322ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 12:14:32 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 34217
x-served-by: cache-hhn4055-HHN
last-modified: Fri, 28 Oct 2022 22:23:15 GMT
server: Apache
x-timer: S1669292072.325524,VS0,VE535
etag: "85a9-5ec1fb43baf68"
vary: Accept-encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 css_Ph3b7GzeJ3EMLTCHQKig11uWeoJ83O7NkDf5m5A5L6M.css
secure.pva.org/files/pva/css/ 2 KB
803 B 465ms
460ms Stylesheet
text/css 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/css/css_Ph3b7GzeJ3EMLTCHQKig11uWeoJ83O7NkDf5m5A5L6M.css

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

3e1ddbec6cde27710c2d308740a8a0d75b967a827cdceecd9037f99b90392fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 12:14:32 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 628
x-served-by: cache-hhn4055-HHN
last-modified: Fri, 14 Oct 2022 18:05:10 GMT
server: Apache
x-timer: S1669292072.325490,VS0,VE451
etag: "274-5eb02777f2ed8"
vary: Accept-encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js Show response
secure.pva.org/files/pva/js/ 130 KB
45 KB 639ms
634ms Script
text/javascript 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

243a883105300b38802320171655c86d0f974ebc339a319228b9d91363eb93be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 12:14:32 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 45819
x-served-by: cache-hhn4055-HHN
last-modified: Fri, 14 Oct 2022 18:04:27 GMT
server: Apache
x-timer: S1669292072.325434,VS0,VE627
etag: "b2fb-5eb0274f02f28"
vary: Accept-encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 js_2WteQ5nhE8lDaFuOz25sVDXh3FLnrHeiTihnLt2JDoI.js Show response
secure.pva.org/files/pva/js/ 134 KB
38 KB 15ms
11ms Script
text/javascript 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/js/js_2WteQ5nhE8lDaFuOz25sVDXh3FLnrHeiTihnLt2JDoI.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

d96b5e4399e113c943685b8ecf6e6c5435e1dc52e7ac77a24e28672edd890e82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 12:14:32 GMT
via: 1.1 varnish
age: 423
x-cache: HIT
fastly-restarts: 1
content-length: 39042
x-served-by: cache-hhn4055-HHN
last-modified: Mon, 26 Sep 2022 12:30:55 GMT
server: Apache
x-timer: S1669292072.325402,VS0,VE3
etag: "9882-5e993b2fab380"
vary: Accept-encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 js_KaHhAh4TSobOXvUk4X1GUHWhTxYta0fppcQzwYgZF14.js Show response
secure.pva.org/files/pva/js/ 2 KB
842 B 462ms
458ms Script
text/javascript 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/js/js_KaHhAh4TSobOXvUk4X1GUHWhTxYta0fppcQzwYgZF14.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

29a1e1021e134a86ce5ef524e17d465075a14f162d6b47e9a5c433c18819175e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 12:14:32 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 709
x-served-by: cache-hhn4055-HHN
last-modified: Fri, 14 Oct 2022 18:04:28 GMT
server: Apache
x-timer: S1669292072.325358,VS0,VE451
etag: "2c5-5eb0274f1f448"
vary: Accept-encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 js_4UrJPjKmuLzSVfU62NMjDsTJEfWDbY--8i-FuaCHruk.js Show response
secure.pva.org/files/pva/js/ 218 KB
45 KB 635ms
632ms Script
text/javascript 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/js/js_4UrJPjKmuLzSVfU62NMjDsTJEfWDbY--8i-FuaCHruk.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

e14ac93e32a6b8bcd255f53ad8d3230ec4c911f5836d8683f22f85b9a087aee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 12:14:32 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 45491
x-served-by: cache-hhn4055-HHN
last-modified: Mon, 26 Sep 2022 12:30:55 GMT
server: Apache
x-timer: S1669292072.325331,VS0,VE622
etag: "b1b3-5e993b2fc97e0"
vary: Accept-encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 js_bMNcqAqOcpVB4VGYw6F9HDONHfb363vwhq0fr67kcxM.js Show response
secure.pva.org/files/pva/js/ 28 KB
7 KB 193ms
190ms Script
text/javascript 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/files/pva/js/js_bMNcqAqOcpVB4VGYw6F9HDONHfb363vwhq0fr67kcxM.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

6cc35ca80a8e729541e15198c3a17d1c338d1df6f7eb7bf086ad1fafaee47313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 12:14:32 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 7514
x-served-by: cache-hhn4055-HHN
last-modified: Fri, 14 Oct 2022 18:05:10 GMT
server: Apache
x-timer: S1669292072.325303,VS0,VE183
etag: "1d5a-5eb027780f7e0"
vary: Accept-encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
12 KB 52ms
23ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer: https://secure.pva.org/
Origin: https://secure.pva.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7A17V0F9AZNW67DN
age: 39025
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hNXw/HHIglx4A7pUP0QaYrAPh8dv063r0tXcBHaUxx/GSwiXnkvHoEEmqZpJM5B2SDM/Um1P2WQ=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7uL0gv0HuJVGQnYgGSadLM%2FOUztMpoRlCFpoOhIiM5kG%2BtHhot8pUwA9Ak%2BVnG7gKNn0b2m1SFLw5bEexZX71klTxlBzLpE9ILzgahtkQRb4JwnvJWrwxKbKVf2qHvgTKLT2seWJhr3lnyZMiT0XlvX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 76f2109c3b279a3b-FRA

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 42ms
19ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;1,400;1,600&family=Titillium+Web:wght@400;600&display=swap

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73f3f8243743b55b31cc0804ebe007cf13fc7af47137ed8cf4b0a9ae9378c9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 12:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 12:14:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 12:14:32 GMT

GET
H2 404 popper-1.14.7.min.js
secure.pva.org/js/ 0
0 458ms
456ms Script
text/html 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/js/popper-1.14.7.min.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: cache-hhn4055-HHN
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:32 GMT
via: 1.1 varnish
server: Apache
x-timer: S1669292072.325284,VS0,VE449
vary: Accept-Encoding
x-cache: MISS
content-type: text/html; charset=iso-8859-1
accept-ranges: bytes
fastly-restarts: 1
content-length: 196
x-cache-hits: 0

GET
H2 404 bootstrap-4.3.1.min.js
secure.pva.org/js/ 0
0 366ms
364ms Script
text/html 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/js/bootstrap-4.3.1.min.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: cache-hhn4055-HHN
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:32 GMT
via: 1.1 varnish
server: Apache
x-timer: S1669292072.329383,VS0,VE353
vary: Accept-Encoding
x-cache: MISS
content-type: text/html; charset=iso-8859-1
accept-ranges: bytes
fastly-restarts: 1
content-length: 196
x-cache-hits: 0

GET
H2 200 PVALogotransparent.png
secure.pva.org/files/pva/ 39 KB
39 KB 364ms
364ms Image
image/png 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/PVALogotransparent.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

0045273fe3b4f81665145a395346b335e13500f74c5812c323c581a88b47e97a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 40180
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 14 Jun 2022 19:58:04 GMT
server: Apache
x-timer: S1669292073.970468,VS0,VE358
etag: "9cf4-5e16dd291ab00"
content-type: image/png
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 secure.png
secure.pva.org/files/pva/ 17 KB
18 KB 190ms
189ms Image
image/png 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/secure.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

150a5122614b13408ab1fb2e698bc12fa07b0ae73a7ae878c5214c85ab413ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 17900
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 25 Jan 2022 17:36:46 GMT
server: Apache
x-timer: S1669292073.975840,VS0,VE182
etag: "45ec-5d66b87752780"
content-type: image/png
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 troy-51229-pmjpg.jpeg
secure.pva.org/files/pva/banner/ 32 KB
32 KB 365ms
364ms Image
image/jpeg 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/banner/troy-51229-pmjpg.jpeg

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

0aed456a12bd061e676434377e12edea0d6b2eeb3f76645ce38c87a2595b8c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 32617
x-served-by: cache-hhn4055-HHN
last-modified: Wed, 16 Feb 2022 17:22:20 GMT
server: Apache
x-timer: S1669292073.997193,VS0,VE357
etag: "7f69-5d825e4594b00"
content-type: image/jpeg
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 give-24-monthly.png
pva.gospringboard.com/files/pva/ 14 KB
15 KB 30ms
9ms Image
image/png 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pva.gospringboard.com/files/pva/give-24-monthly.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

9909b4d889445b2a5d83e7d1dfabe303cc01fd45ea8a4e00e47ae6d432161a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 12:14:33 GMT
age: 423
x-cache: HIT, HIT
content-length: 14738
x-served-by: cache-iad-kiad7000061-IAD, cache-hhn4076-HHN
last-modified: Fri, 11 Feb 2022 22:11:05 GMT
server: Apache
x-timer: S1669292073.018597,VS0,VE1
etag: "3992-5d7c557caf040"
content-type: image/png
access-control-allow-origin: https://pva.gospringboard.com
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 padlock.png
secure.pva.org/sites/all/modules/springboard/fundraiser/modules/fundraiser_webform/images/ 151 B
330 B 189ms
187ms Image
image/png 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/sites/all/modules/springboard/fundraiser/modules/fundraiser_webform/images/padlock.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

ca17697042f4b65cfbd37638ef574652e0e18aefcad70ae502212d430270efd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 151
x-served-by: cache-hhn4055-HHN
last-modified: Mon, 14 Nov 2022 19:30:59 GMT
server: Apache
x-timer: S1669292073.997442,VS0,VE181
etag: "97-5ed73476e82c0"
content-type: image/png
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 charity-navigator.png
secure.pva.org/files/pva/ 42 KB
42 KB 645ms
643ms Image
image/png 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/charity-navigator.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

4b7bb6a6825655acb3c458d84bce12e5ad49b6b3da15b136bd66afc6982d971d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 43072
x-served-by: cache-hhn4055-HHN
last-modified: Thu, 10 Nov 2022 19:19:40 GMT
server: Apache
x-timer: S1669292073.997888,VS0,VE637
etag: "a840-5ed22a79c36e8"
content-type: image/png
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 impactmatters-five-star-badge@4x.png
secure.pva.org/files/pva/ 54 KB
54 KB 455ms
453ms Image
image/png 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/impactmatters-five-star-badge@4x.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

5d2cd365b3b269f1158f37f186e84987c740498ea1b3dd1d942342f472c6350b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 55337
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 26 Jul 2022 18:59:54 GMT
server: Apache
x-timer: S1669292073.997850,VS0,VE445
etag: "d829-5e4b9e7e23e80"
content-type: image/png
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 Correct2-1-25-22.png
secure.pva.org/files/pva/ 68 KB
68 KB 538ms
537ms Image
image/png 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/Correct2-1-25-22.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

be6b2f47bb17982e415cbc86b4962cafb90e04d778c26a94b16a302e0f11c270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 69205
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 16 Aug 2022 14:51:02 GMT
server: Apache
x-timer: S1669292073.997830,VS0,VE530
etag: "10e55-5e65ce088e180"
content-type: image/png
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 guidestar-pva.png
secure.pva.org/files/pva/ 63 KB
63 KB 815ms
813ms Image
image/png 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/guidestar-pva.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

507f100c6dccad72e4ec52b1548e182c883de6575d1288605b0953460d538ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 64810
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 26 Jul 2022 18:59:54 GMT
server: Apache
x-timer: S1669292073.997799,VS0,VE807
etag: "fd2a-5e4b9e7e23e80"
content-type: image/png
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 PVALogowhite.png
secure.pva.org/files/pva/ 34 KB
34 KB 647ms
646ms Image
image/png 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/PVALogowhite.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

995da7831c463b9fb934f20b6d698eba8a0ab94c64a1b7bbb2915ebe9ef20624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 34771
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 14 Jun 2022 19:58:04 GMT
server: Apache
x-timer: S1669292073.997792,VS0,VE638
etag: "87d3-5e16dd291ab00"
content-type: image/png
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 250 KB
87 KB 87ms
35ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbac985b0778673b004c35e3157192d9fcbc301ee834b97359e1c3f4144caf4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88082
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Nov 2022 12:14:33 GMT

GET
H2 200 secure.pva.org.json Show response
script.crazyegg.com/pages/data-scripts/0093/1800/site/ 8 KB
2 KB 82ms
66ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0093/1800/site/secure.pva.org.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0093/1800.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4609cdc03d1fb0e809715803e9687090f1bd88028364b67879776276e59a2ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:32 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5524
ce-version: 11.5.3
content-length: 1916
last-modified: Thu, 24 Nov 2022 10:42:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76f2109c8ace5b6e-FRA

GET
H2 200 c3bdc00a0a2e184487830747601080da.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 77 KB
26 KB 18ms
17ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/c3bdc00a0a2e184487830747601080da.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0093/1800.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a157f2810bd569f8ac3ae5e983237eef42026126c1c215d4fbfa743459c30c62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 16:42:21 GMT
server: cloudflare
age: 66509
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76f210a03d27902a-FRA
content-length: 26762

GET
H2 200 css
fonts.googleapis.com/ 7 KB
844 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Alegreya:500|Raleway:500,700|Zilla+Slab:500i,600i

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/css/css_dd8VjWMcmnzAMH8Rx9AqFa5qrBHqu2amiJx0ajnTIqs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67b5fc09add0c0bdd33c8b1c462e0594650e10bd96b9ac40a19f3fd19912905b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 12:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 12:07:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 12:14:32 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya:500|Raleway:500,700|Zilla+Slab:500i,600i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.pva.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 22:05:34 GMT
x-content-type-options: nosniff
age: 569339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 22:05:34 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ 72 KB
73 KB 42ms
21ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin: https://secure.pva.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y22X6MCS30NT5K5P
age: 374
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73852
x-amz-id-2: kbSFRIcrQlPn/YZKybih95RKbo64A2BqS0+McmqOZBrASYl2Au5dRDXp1w+ibGsLwPrUm7nXd0A=
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
server: cloudflare
etag: "fb493903265cad425ccdf8e04fc2de61"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BrckuZ72BYMembr4%2BgyZgZbuM8zfb2DUGJnU5t%2Bi1LYN0%2F%2FswHw10f0LmnGGSXtDhOEZIqtOb61OjFQA5wjuFweLQFVO53nlx29%2BhLosgCkCwgSRIfp9UH84W8WMAsY%2B7SiEU3aaZiIVGw8tvK3HRlR"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 76f210a06911b7c6-AMS

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 44ms
20ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;1,400;1,600&family=Titillium+Web:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.pva.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 235449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 18:50:24 GMT

GET
H2 200 dFanZfeM_74wlPZtksIFaj8CDHeZWXB3.woff2
fonts.gstatic.com/s/zillaslab/v11/ 27 KB
27 KB 39ms
16ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/zillaslab/v11/dFanZfeM_74wlPZtksIFaj8CDHeZWXB3.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya:500|Raleway:500,700|Zilla+Slab:500i,600i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

202da7243545e62a15c917c50faa62d059cfd74b025ab27f3ade1684e6683c0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.pva.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:19:26 GMT
x-content-type-options: nosniff
age: 240907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27708
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:01:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 17:19:26 GMT

GET

2JXuwd21Q77n6ziIyq_mwrUxGK8Z6bC_zEtibge8R9PQ2iIumLDRrR6cv0GnTdXlqTiYpllfXMPAcZGko6-q0fsM4hr2ijzNIUjs6fWshJxxo7AWgX3aZp-CgcePaiqV3SPGoSDPpj2XcbJlZ7lWyDrGTdsgvyEjwhOML4GroX7DUXPAaOqjSj0dVs2R5n0ORkLZb...
protect-us.mimecast.com/r/
Redirect Chain

https://protect-us.mimecast.com/s/IkrLCVOKrvTND8PTyUQJK
https://protect-us.mimecast.com/r/2JXuwd21Q77n6ziIyq_mwrUxGK8Z6bC_zEtibge8R9PQ2iIumLDRrR6cv0GnTdXlqTiYpllfXMPAcZGko6-q0fsM4hr2ijzNIUjs6fWshJxxo7AWgX3aZp-CgcePaiqV3SPGoSDPpj2XcbJlZ7lWyDrGTdsgvyEjwhO...

0
0

GET
H2 200 credit-card.png
secure.pva.org/sites/all/themes/springboard_themes/springboard_frontend/img/templates/ 3 KB
3 KB 187ms
186ms Image
image/png 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/sites/all/themes/springboard_themes/springboard_frontend/img/templates/credit-card.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/css/css_dd8VjWMcmnzAMH8Rx9AqFa5qrBHqu2amiJx0ajnTIqs.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

9c301048d2f6d7740392c8cca42bd6f53fabb21c8ff92a82e510b0dd9c3a46c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/files/pva/css/css_dd8VjWMcmnzAMH8Rx9AqFa5qrBHqu2amiJx0ajnTIqs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 2575
x-served-by: cache-hhn4055-HHN
last-modified: Mon, 14 Nov 2022 19:30:59 GMT
server: Apache
x-timer: S1669292073.028047,VS0,VE180
etag: "a0f-5ed73476e82c0"
content-type: image/png
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 bank-account.png
secure.pva.org/sites/all/themes/springboard_themes/springboard_frontend/img/templates/ 898 B
1001 B 451ms
451ms Image
image/png 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/sites/all/themes/springboard_themes/springboard_frontend/img/templates/bank-account.png

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/css/css_dd8VjWMcmnzAMH8Rx9AqFa5qrBHqu2amiJx0ajnTIqs.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

f9db89376b035b63954f5b8a4abdef693e8a5fc26540a844102cf9bbe4a09904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/files/pva/css/css_dd8VjWMcmnzAMH8Rx9AqFa5qrBHqu2amiJx0ajnTIqs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 898
x-served-by: cache-hhn4055-HHN
last-modified: Mon, 14 Nov 2022 19:30:59 GMT
server: Apache
x-timer: S1669292073.028033,VS0,VE443
etag: "382-5ed73476e82c0"
content-type: image/png
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 new_cookie Show response
secure.pva.org/js/springboard_cookie/ 184 B
405 B 115ms
115ms XHR
application/json 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/js/springboard_cookie/new_cookie

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

c77631c1d356d59a99936682a83dea0c3f339a5b8163f8bbb18bb2d5d9993261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-served-by: cache-hhn4055-HHN
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 12:14:33 GMT
via: 1.1 varnish
server: Apache
x-timer: S1669292073.072933,VS0,VE108
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
accept-ranges: bytes
content-length: 178
x-cache-hits: 0

POST
H2 200 get_token Show response
secure.pva.org/js/springboard_fraud/ 135 B
202 B 113ms
112ms XHR
application/json 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.pva.org/js/springboard_fraud/get_token

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/files/pva/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

74bfee7bbb613ae636355a875ad519f5c3ecff155a5063fd28a3864c119dc58c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-served-by: cache-hhn4055-HHN
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 12:14:33 GMT
via: 1.1 varnish
server: Apache
x-timer: S1669292073.075699,VS0,VE106
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
accept-ranges: bytes
content-length: 140
x-cache-hits: 0

GET
H2 200 premium.jpeg
secure.pva.org/files/pva/premiums/ 68 KB
68 KB 367ms
367ms Image
image/jpeg 151.101.194.130
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.pva.org/files/pva/premiums/premium.jpeg

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.130 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

79b4434cc678e6553ef303c51bfc8a73022fcada5916b3a7ad6cff5b10c77130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
via: 1.1 varnish
age: 0
x-cache: MISS
fastly-restarts: 1
content-length: 69358
x-served-by: cache-hhn4055-HHN
last-modified: Mon, 14 Mar 2022 16:43:42 GMT
server: Apache
x-timer: S1669292073.103416,VS0,VE360
etag: "10eee-5da30620f2b80"
content-type: image/jpeg
access-control-allow-origin: https://secure.pva.org
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 secure.pva.org.json Show response
script.crazyegg.com/pages/data-scripts/0093/1800/sampling/ 146 B
256 B 159ms
159ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0093/1800/sampling/secure.pva.org.json?t=463692
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c3bdc00a0a2e184487830747601080da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc3642bd3e57dcce7834e76a6c5f456bbb1d44467579a9cabfff069ee9f31cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 24 Nov 2022 12:14:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.3
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76f210a11b225b6e-FRA
content-length: 141

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 109 KB
43 KB 44ms
22ms Script
application/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-MB4XB63

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c7cdb5575aef3cb2d1acab96f003af6699a1bddbdf963ab2749756e411d787c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Nov 2022 12:14:33 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1059121912/ 2 KB
2 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1059121912/?random=1669292073143&cv=11&fst=1669292073143&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&tiba=PVA%20Hero%20%7C%20Paralyzed%20Veterans%20of%20America&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65eb2371a38cc91fd50cd4b0e76199c446c0a6360e0e8a8d19fade0b1127f6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 12:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 975
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 69ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 24 Nov 2022 12:14:32 GMT
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 18D37AB21FBD4D43970CCE949AE979CB Ref B: FRA31EDGE0820 Ref C: 2022-11-24T12:14:33Z
etag: "077538f81f4d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11421

GET
H3

200

activityi;dc_pre=CPDVt8jlxvsCFUlFHgIdmt0Kog;src=10339774;type=drtvl0;cat=drtvl0;ord=8846063018404;gtm=2wgb90;auiddc=1546727395.1669292073;~oref=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3D... Show response
10339774.fls.doubleclick.net/ Frame C2C5
Redirect Chain

https://10339774.fls.doubleclick.net/activityi;src=10339774;type=drtvl0;cat=drtvl0;ord=8846063018404;gtm=2wgb90;auiddc=1546727395.1669292073;~oref=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc...
https://10339774.fls.doubleclick.net/activityi;dc_pre=CPDVt8jlxvsCFUlFHgIdmt0Kog;src=10339774;type=drtvl0;cat=drtvl0;ord=8846063018404;gtm=2wgb90;auiddc=1546727395.1669292073;~oref=https%3A%2F%2Fse...

556 B
337 B

86ms
69ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10339774.fls.doubleclick.net/activityi;dc_pre=CPDVt8jlxvsCFUlFHgIdmt0Kog;src=10339774;type=drtvl0;cat=drtvl0;ord=8846063018404;gtm=2wgb90;auiddc=1546727395.1669292073;~oref=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

808c312b2d65429ae6c6fe9eb656951755c833773ce981dcff9939155237e643

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.pva.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 312
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 12:14:33 GMT
expires: Thu, 24 Nov 2022 12:14:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 12:14:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10339774.fls.doubleclick.net/activityi;dc_pre=CPDVt8jlxvsCFUlFHgIdmt0Kog;src=10339774;type=drtvl0;cat=drtvl0;ord=8846063018404;gtm=2wgb90;auiddc=1546727395.1669292073;~oref=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: NNsM6svYQvAv4B0zezvsQolM5YixSRT9kWMoVfn7uKXFBc/E6bmqtypSMy7qjOjxLxNn9Y+oRay0k1fEKAiskQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5228934.js Show response
js.hs-scripts.com/ 1 KB
876 B 232ms
209ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5228934.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b959aa777429c30591c029b1948b999bfe9b51abaf8a8b5b1a6f6231338434c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 24 Nov 2022 12:07:30 GMT
server: cloudflare
x-hubspot-correlation-id: 82dc8b3b-07ee-4557-a5be-64cdb28e0716
x-trace: 2B5251933331EC1DDADC3A3A3CD45578841C42093E000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://secure.pva.org
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 76f210a17f4abb8f-FRA
expires: Thu, 24 Nov 2022 12:15:33 GMT

GET
H/1.1 200 spx Show response
dx.steelhousemedia.com/ 17 KB
4 KB 758ms
186ms Script
application/javascript 54.69.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=31331&tdr=&plh=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&cb=49101497604068170
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.69.84.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-84-146.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: f99d474d7a7837388ed53be99b39fb8d05798a8788dbfc7e8d73e4d0499dbe6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: application/javascript;charset=utf-8
date: Thu, 24 Nov 2022 12:14:33 GMT
content-encoding: gzip
connection: close
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 41ms
7ms Script
application/x-javascript 13.225.85.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.85.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-85-149.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 24 Nov 2022 01:07:28 GMT
Content-Encoding: gzip
Via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 40026
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: uwcqYKmbp_pZOBcXDROstLhEvODZNeBpPw6oSi8hdMYm_zScv3gcDw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 44ms
29ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VFDSNZZS7J&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

714094fa0cba3a184b48109c5fc578a698436ee70a3e22d6c1a4b1d2612b787d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76431
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Nov 2022 12:14:33 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1059121912/ 42 B
548 B 70ms
20ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1059121912/?random=1669292073143&cv=11&fst=1669291200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&tiba=PVA%20Hero%20%7C%20Paralyzed%20Veterans%20of%20America&fmt=3&is_vtc=1&random=3356771957&rmt_tld=0&ipr=y

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 12:14:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/1059121912/ 42 B
548 B 43ms
21ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/1059121912/?random=1669292073143&cv=11&fst=1669291200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&tiba=PVA%20Hero%20%7C%20Paralyzed%20Veterans%20of%20America&fmt=3&is_vtc=1&random=3356771957&rmt_tld=1&ipr=y

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 12:14:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 25ms
7ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T75QB9C

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 11:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3519
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 24 Nov 2022 13:15:54 GMT

GET
H3 200 277423696208286 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 80ms
69ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/277423696208286?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9671b45702c59040fe1e30c2ee8f490e5f5a756503cbb5af44fbe84c78b229de

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: SkDPTxjGY0sgjhxE/dWXj567zLS6MkX1BGtni57W2gWgkUlbWLYBBWkaI45HazRVkDMJ3PaOB43zWpKNHMWCcg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 13002182.js Show response
bat.bing.com/p/action/ 0
137 B 113ms
113ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13002182.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 12:14:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0F22493BF69647E59088949E8B3BA39A Ref B: FRA31EDGE0820 Ref C: 2022-11-24T12:14:33Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800

GET
H2 204 0
bat.bing.com/action/ 0
176 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13002182&tm=gtm002&Ver=2&mid=18d78053-4642-4f98-a6f8-d2477e9c9988&sid=8e03d4f06bf111ed987b1de1221d576b&vid=8e03b6d06bf111ed887599baa875e445&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=PVA%20Hero%20%7C%20Paralyzed%20Veterans%20of%20America&p=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&r=&lt=1855&evt=pageLoad&sv=1&rn=510208

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 12:14:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3689B527B3F242229F0FE146D99A86E9 Ref B: FRA31EDGE0820 Ref C: 2022-11-24T12:14:33Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 62ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VFDSNZZS7J&gtm=2oeb90&_p=57167985&cid=1220429543.1669292073&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669292073&sct=1&seg=0&dl=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&dt=PVA%20Hero%20%7C%20Paralyzed%20Veterans%20of%20America&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VFDSNZZS7J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 12:14:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.pva.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=57167985&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&ul=en-us&de=UTF-8&dt=PVA%20Hero%20%7C%20Paralyzed%20Veterans%20of%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAACAAI~&jid=594080920&gjid=1739141200&cid=1220429543.1669292073&tid=UA-2917786-1&_gid=1849104720.1669292073&_r=1&gtm=2wgb90T75QB9C&z=1342992117

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.pva.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.pva.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 55ms
18ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2917786-1&cid=1220429543.1669292073&jid=594080920&gjid=1739141200&_gid=1849104720.1669292073&_u=YADAAEAAQAAAACAAI~&z=322346160

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.pva.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.pva.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
460 B 35ms
7ms XHR
application/json 13.32.27.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c3bdc00a0a2e184487830747601080da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 16:18:54 GMT
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 4737340
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: nJPsYkziNCS5Ve1ZUMWDOxWcOusj-lGoepgW17oETsocLrT9LdfEdQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
460 B 42ms
7ms XHR
application/json 99.86.4.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c3bdc00a0a2e184487830747601080da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-31.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 11:33:15 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 8124078
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: FsUCY7ALPXfe4rusAMHYgFcp4Z7MFFKdr7RHm-YJ1HTDCzkwqMMhMQ==

GET
BLOB 200
OK d5ee8a8a-176d-49ae-87a9-f2269155343f
https://secure.pva.org/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.pva.org/d5ee8a8a-176d-49ae-87a9-f2269155343f
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H3 200 583415195599118 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/583415195599118?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d75c09a0bfbe4c0267d9ad629fac56588c2c0f10bc0ff984e720de5aba1f6d56

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: dco84PU4c5ZQfDYm1oql/9rntMTUP6EMnBPHvtXwazrXSDhEAgf3MB3gPK2LYniStnE+xIJjRLLQi1Dc8SBeeA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=277423696208286&ev=PageView&dl=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&rl=&if=false&ts=1669292073331&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669292073330.312954682&it=1669292073209&coo=false&rqm=GET

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 51ms
34ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2917786-1&cid=1220429543.1669292073&jid=594080920&_u=YADAAEAAQAAAACAAI~&z=1532590687

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 60ms
38ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2917786-1&cid=1220429543.1669292073&jid=594080920&_u=YADAAEAAQAAAACAAI~&z=1532590687

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ 28 B
135 B 127ms
59ms XHR
text/plain 34.243.232.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1669292073361
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c3bdc00a0a2e184487830747601080da.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.232.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-232-139.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 5b9b5865ed0961c917a312c6250f5f9a88047ce76651f5489794e9f780f35373

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 12:14:33 GMT
cache-control: no-store
server: awselb/2.0
content-length: 28
content-type: text/plain

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 41ms
24ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5228934.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f97a1f00cd5aaa7a0e2ae8a3a47031764054e46fa624f71043b618b4c2398b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:33 GMT
x-amz-version-id: aoUPWE.Bu9NRjxDy7F1Soox3yNWe2Us6
via: 1.1 a5f3f63e5cb1bdf37811b61ad2c25cbc.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD55-P4
age: 75
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.302/bundles/pixels-release.js&cfRay=76f20ecce88b8fe6-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Nov 2022 03:38:56 UTC
server: cloudflare
etag: W/"c32a10854f4ff995fc7198ba0324bcc6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 76f210a2df86906a-FRA
x-amz-cf-id: dspIdeQTNPXuGod_aUMJgMd_OKny55BYBT4nWjGYi7CPjpv3L1ZLbw==
x-hs-target-asset: adsscriptloaderstatic/static-1.302/bundles/pixels-release.js

GET
H2 200 5228934.js Show response
js.hs-analytics.net/analytics/1669291800000/ 63 KB
20 KB 202ms
181ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1669291800000/5228934.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5228934.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e163bdaf205d856a0e641e334e102aaf80de016273808ca054f4d6e44bddb79f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:33 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: D99F77WKR2ZPHSQS
x-amz-server-side-encryption: AES256
x-amz-id-2: BjOPtyKTSk2VmVdqc+eHv0QcUfBwUzsVo3TQmIy433FRLot94H4wf2FbfM8jiT5BYlJTOKH1sl8=
last-modified: Fri, 04 Nov 2022 20:30:12 GMT
server: cloudflare
etag: W/"42670141e8495e0b35e9364e99ede1b7"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 76f210a2ee0fbbd7-FRA
expires: Thu, 24 Nov 2022 12:19:33 GMT

GET
H2 200 5228934.js Show response
js.hs-banner.com/ 60 KB
16 KB 518ms
487ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5228934.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5228934.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14aa5f84d92552c95f214c92a33e056a8739a5f8091cb57c5effcf3b5bff3b07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:33 GMT
x-amz-version-id: h14.P_kdhq3GmBiSvT0HHVx_H5MKKwII
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: FB17STJKJDW188S6
x-amz-server-side-encryption: AES256
x-amz-id-2: Hemwteugx+wG/sRboBsZrtxB7fQsZcm7dOdzQs4hSbAUOLx9iH7Grdf5KTB6u2iBPCaj29FKTZU=
last-modified: Tue, 25 Oct 2022 20:34:22 GMT
server: cloudflare
etag: W/"c260e9da24b6f1a2bd7001e040aa83c4"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://secure.pva.org
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 76f210a2fc2b9bce-FRA
expires: Thu, 24 Nov 2022 12:19:33 GMT

GET
H2 200 dc_pre=CPDVt8jlxvsCFUlFHgIdmt0Kog;src=10339774;type=drtvl0;cat=drtvl0;ord=8846063018404;gtm=2wgb90;auiddc=*;~oref=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segme...
adservice.google.com/ddm/fls/z/ Frame C2C5 42 B
494 B 84ms
45ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPDVt8jlxvsCFUlFHgIdmt0Kog;src=10339774;type=drtvl0;cat=drtvl0;ord=8846063018404;gtm=2wgb90;auiddc=*;~oref=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU

Requested by

Host: 10339774.fls.doubleclick.net
URL: https://10339774.fls.doubleclick.net/activityi;dc_pre=CPDVt8jlxvsCFUlFHgIdmt0Kog;src=10339774;type=drtvl0;cat=drtvl0;ord=8846063018404;gtm=2wgb90;auiddc=1546727395.1669292073;~oref=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10339774.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 12:14:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2753482588259980 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 68ms
67ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2753482588259980?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0793c9176ee6b4f5e8eff2f6ad794b734d1ea5472e3829f213637fa7e84ae7c6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bdaXaa3MYxLUPgxhiOXFxA7L4zjle0Spc0IjPUqMcDTZHklTcsyd3m/AILCbNLWtq5N79lD2rYcSd9oEqiaDEA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 06235e0a24a77091919ad808820d1a86.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 20 KB
8 KB 15ms
15ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/06235e0a24a77091919ad808820d1a86.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0093/1800.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257388e503daa93cd2fea271cfea1e6444d9d36564aeb3fc0451458a5aada329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 09:47:06 GMT
server: cloudflare
age: 66489
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76f210a35aec902a-FRA
content-length: 7993

GET
BLOB 200
OK 8104c306-e670-4baa-a886-4959aaa68c1e
https://secure.pva.org/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.pva.org/8104c306-e670-4baa-a886-4959aaa68c1e
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bde3b6f7a692affe1f0b243a8a69b96ae32df029b8348c45d9a7beee3b4b86c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 18ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=583415195599118&ev=PageView&dl=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&rl=&if=false&ts=1669292073503&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669292073330.312954682&it=1669292073209&coo=false&rqm=GET

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 17ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2753482588259980&ev=PageView&dl=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&rl=&if=false&ts=1669292073504&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669292073330.312954682&it=1669292073209&coo=false&rqm=GET

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 242c90573acb857fd7134cd2b170fa5c.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 96 KB
31 KB 17ms
17ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/242c90573acb857fd7134cd2b170fa5c.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0093/1800.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64dca745780a7d5b07812e2ca957d2ce3a9c396c474c8f521d3cb05fc40755c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 15:45:24 GMT
server: cloudflare
age: 66506
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76f210a39b57902a-FRA
content-length: 31302

POST
H2 201 v11 Show response
tracking.crazyegg.com/ 0
82 B 102ms
101ms XHR
text/plain 34.243.232.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/v11?u=931800&st=350012&s=5137485
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c3bdc00a0a2e184487830747601080da.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.232.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-232-139.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.pva.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/gzip

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 12:14:33 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain

OPTIONS
H2 200 v11
tracking.crazyegg.com/ Frame 0
0 55ms
55ms Preflight
application/octet-stream 34.243.232.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/v11?u=931800&st=350012&s=5137485
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.232.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-232-139.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.pva.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Access-Control-Allow-Origin,Access-Control-Allow-Methods
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
content-type: application/octet-stream
date: Thu, 24 Nov 2022 12:14:33 GMT
server: awselb/2.0

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=277423696208286&ev=Microdata&dl=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&rl=&if=false&ts=1669292073833&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22PVA%20Hero%20%7C%20Paralyzed%20Veterans%20of%20America%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Please%20join%20me%20in%20honoring%20paralyzed%20and%20disabled%20heroes%20with%20a%20gift%20to%20PVA.%22%2C%22og%3Adescription%22%3A%22I%20made%20a%20gift%20to%20Paralyzed%20Veterans%20of%20America%20to%20honor%20paralyzed%20%26%20disabled%20Veterans!%20Will%20you%20join%20me%20to%20support%20these%20heroes%3F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1669292073330.312954682&it=1669292073209&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 135 B
881 B 183ms
159ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=5228934

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65594aeb9882541c0023d7bb75ac335e18c00096adcff2a239cd0d579e0aa8ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: cdbf02f5-6381-417a-be58-5096951f488a
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BD516BE84084C6262E6121B0131D51BE202587FD7000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://secure.pva.org
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QL511FgiJ9P2f4zEw4bvOtFf50X7plyhDc4PF6rIBfkYM8g%2FqcybPJNXUEjuGnTzbZSYfxTEUgh5T%2FwT%2BGK%2BPuU%2BFvUiSHuvxCQHxzNAmupzLr437%2FJbvpLXWUQZnbTpFbslKu%2FHWkGQqRHy"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 76f210a63b008ff8-FRA
access-control-allow-headers: *

GET is
44.228.85.26/ 0
0

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=583415195599118&ev=Microdata&dl=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&rl=&if=false&ts=1669292074004&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22PVA%20Hero%20%7C%20Paralyzed%20Veterans%20of%20America%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Please%20join%20me%20in%20honoring%20paralyzed%20and%20disabled%20heroes%20with%20a%20gift%20to%20PVA.%22%2C%22og%3Adescription%22%3A%22I%20made%20a%20gift%20to%20Paralyzed%20Veterans%20of%20America%20to%20honor%20paralyzed%20%26%20disabled%20Veterans!%20Will%20you%20join%20me%20to%20support%20these%20heroes%3F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669292073330.312954682&it=1669292073209&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2753482588259980&ev=Microdata&dl=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&rl=&if=false&ts=1669292074005&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22PVA%20Hero%20%7C%20Paralyzed%20Veterans%20of%20America%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Please%20join%20me%20in%20honoring%20paralyzed%20and%20disabled%20heroes%20with%20a%20gift%20to%20PVA.%22%2C%22og%3Adescription%22%3A%22I%20made%20a%20gift%20to%20Paralyzed%20Veterans%20of%20America%20to%20honor%20paralyzed%20%26%20disabled%20Veterans!%20Will%20you%20join%20me%20to%20support%20these%20heroes%3F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669292073330.312954682&it=1669292073209&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 12:14:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK st Show response
px.steelhousemedia.com/ 2 KB
2 KB 799ms
198ms Script
application/javascript 44.233.136.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.steelhousemedia.com/st?ga_tracking_id=UA-2917786-1&ga_client_id=1220429543.1669292073&shpt=PVA%20Hero%20%7C%20Paralyzed%20Veterans%20of%20America&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-2917786-1%22%2C%22ga_client_id%22%3A%221220429543.1669292073%22%2C%22shpt%22%3A%22PVA%20Hero%20%7C%20Paralyzed%20Veterans%20of%20America%22%2C%22dcm_cid%22%3A%221669292073.1%22%2C%22dcm_gid%22%3A%221849104720.1669292073%22%2C%22ga_utm_campaign%22%3A%22TVR23JU%22%2C%22ga_utm_source%22%3A%22moorettd%22%2C%22ga_utm_medium%22%3A%22display%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1669292073.1&dcm_gid=1849104720.1669292073&dxver=4.0.0&shaid=31331&plh=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&cb=49101497604068170
Requested by: Host: dx.steelhousemedia.com
URL: https://dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=31331&tdr=&plh=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&cb=49101497604068170
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.233.136.7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-136-7.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 25a15950809a0db69413a014fed30040ac0beb488c5b35264b3a7d14c05dec54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 12:14:35 GMT
content-encoding: gzip
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
connection: close
content-type: application/javascript;charset=utf-8

GET
H/1.1 200
OK gs Show response
ww.steelhousemedia.com/ 144 B
733 B 814ms
203ms Script
application/javascript 44.238.130.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.steelhousemedia.com/gs
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.238.130.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-130-186.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 5b780b2963cd6466c7e0e62a415a33b7aaa3642ee200df24f511be5f5f901540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:14:35 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

POST
H2 201 v11 Show response
tracking.crazyegg.com/ 0
82 B 116ms
116ms XHR
text/plain 34.243.232.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/v11?u=931800&st=350012&s=5137485
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c3bdc00a0a2e184487830747601080da.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.232.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-232-139.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.pva.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/gzip

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 12:14:35 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain

OPTIONS
H2 200 v11
tracking.crazyegg.com/ Frame 0
0 52ms
52ms Preflight
application/octet-stream 34.243.232.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/v11?u=931800&st=350012&s=5137485
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.232.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-232-139.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.pva.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Access-Control-Allow-Origin,Access-Control-Allow-Methods
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
content-type: application/octet-stream
date: Thu, 24 Nov 2022 12:14:35 GMT
server: awselb/2.0

GET
H/1.1 200
OK st Show response
px.steelhousemedia.com/ 5 KB
2 KB 573ms
200ms Script
application/javascript 44.233.136.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.steelhousemedia.com/st?ga_tracking_id=UA-2917786-1&ga_client_id=1220429543.1669292073&shpt=PVA%20Hero%20%7C%20Paralyzed%20Veterans%20of%20America&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-2917786-1%22%2C%22ga_client_id%22%3A%221220429543.1669292073%22%2C%22shpt%22%3A%22PVA%20Hero%20%7C%20Paralyzed%20Veterans%20of%20America%22%2C%22dcm_cid%22%3A%221669292073.1%22%2C%22dcm_gid%22%3A%221849104720.1669292073%22%2C%22ga_utm_campaign%22%3A%22TVR23JU%22%2C%22ga_utm_source%22%3A%22moorettd%22%2C%22ga_utm_medium%22%3A%22display%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1669292073.1&dcm_gid=1849104720.1669292073&dxver=4.0.0&shaid=31331&plh=https%3A%2F%2Fsecure.pva.org%2Fpva%2Fpva-hero%3Fsc%3Ddisplay%26mc%3DTVD23JU%26segment-code%3DZZZ%26utm_source%3Dmoorettd%26utm_medium%3Ddisplay%26utm_content%3DDRTVDisplay%26utm_campaign%3DTVR23JU&cb=166929207512472&shguid=109d347c-217a-359d-95a3-992b01313dcb&shgts=1669292075940
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.233.136.7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-136-7.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: c5430da54a5920986cc74cafad2d15fc57689d24c24350389dd7f1552f87e89f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 12:14:36 GMT
content-encoding: gzip
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
connection: close
content-type: application/javascript;charset=utf-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 111ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=8f257379-6bf1-11ed-bcb9-09b22f181849&gdpr=&gdpr_consent=
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 24 Nov 2022 12:14:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 117ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=thbhq2b&ct=0:58t8rd0&fmt=3
Requested by: Host: secure.pva.org
URL: https://secure.pva.org/pva/pva-hero?sc=display&mc=TVD23JU&segment-code=ZZZ&utm_source=moorettd&utm_medium=display&utm_content=DRTVDisplay&utm_campaign=TVR23JU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.pva.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 24 Nov 2022 12:14:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: protect-us.mimecast.com
URL: https://protect-us.mimecast.com/r/2JXuwd21Q77n6ziIyq_mwrUxGK8Z6bC_zEtibge8R9PQ2iIumLDRrR6cv0GnTdXlqTiYpllfXMPAcZGko6-q0fsM4hr2ijzNIUjs6fWshJxxo7AWgX3aZp-CgcePaiqV3SPGoSDPpj2XcbJlZ7lWyDrGTdsgvyEjwhOML4GroX7DUXPAaOqjSj0dVs2R5n0ORkLZbsmFCUU0g1r9FeJgYbmi-DQfPzpl93IexEKrsAYeEkmpzid8If49HRseU0pdKzoBCbw-vacbP0xBb8lHDgCK33F6MXqOw0PSJByl2ZZwZmhiogo77BT4AmCHPFQRCov_M2h5M4pLTmYJjsVyptJkFrCD8g32-rjQHiO8YG-_D3EzgMmLuM7kosn0hbc1zrBsByWHHaXEBp6IRM1xTPfwpLXqQQLMttpPlQxfmf-qH24COdOtkr6tNN8K7q875gv4uimEdu7a8-iq54bfnSn0tNDVg4QPh5vA_NjKdx_QCyjgo2KZ98s9TyOpLkIBEEw8lzq-O75XdhyNF5HYUB1ssuK7uGrURCpZP9kZGZ4BDea6LPXHrl1jCSGaga6z9BFs7PYYZhBl9jUZ19yWqhu6Vsv2kedXOCsIsbJtOllBNS4L2FMJHIbs0JmzMp9txfHGom3voKHXkRrurT_s4IwtNpLRNvBB6w3ikeR0RS6HJv6QH6wjwciEZ5UO8ti4bAF_lWYOLVEz1sx2JiNpm5iIaXamsEGGqAn7-t-sss40083eP_P9wZyxXaSLb-YspQeJAqR_1iT_mMBlDzInU_K4a0Fto5CkTxK4SIDHNmCnPoiTggScN2PumybPLBZgWi-di4B8DCBOxb6Txk-6p5z6BRpj9H8YMELujMIWDtF8F6u1IBbgILi-9ee_80hie44vHvpIYU1NMnLUphes5eGS7T19NDfuyPKLC_R-1JzQDusNWZTOdZN9KfGTy9m7aR6d3YFA8k1MJ10yoXhrjFgRSu8PkOEPdwCCud1Qy3dzcn6AgQU22aRDDdq6RNorWtrsQUkIoNwLScBeBV7uFj5Cp_DvbfYW7M5QlwssSCGpYtXqflz5_VtdYVpqG_fIz4sneQ7fmebn4oRWdlwuBTfOJ7Cf05RjnoIK9gmQtZZE8jAFrc003XKKdWE-sGkPhCBq-gj3igVi870v2-RZ7Uu_GAOhM20dPjjJfKo0Mhp8i_cYzZ4xbWmHMLLTewpYw6yfTjTpmuejPQYV03HkR0K91WLalhozQ51_DtzPS7RlCu11N3sVA99SUeK-9ll9O5ZtTFkstoN5rhNtbaPHUcinGPBUQyhtzSts0mPJQGJwCrylzdix5_NgKIGP0Xav_79L1p-_QZhjALAnV5aEXlHIwewjA9zrZ5ZmPK6u0uwBztm2OrunhgaeBbtcO55d05vUDLQMwzi0EaIkbhpvkuoiiFWuMU2a17EdSUJEH81F5IqsDmeKsPtKXnsCbUKY-JuIUf2II9tj-OfQY3hIk9J84mGJsqxCU0Rbj4Vk_H-qyWI-O-UcYujwclhg_Xe70fK5F16hlLYVA2RROkv4Y2jRAfyu5J47YO1H6BNhRqQBrI1INygwHxnRMEMAr8ojxoKT6Z_NG1WQ-Jv6zjuF_amvfR80aN0oOIKrM4vr2BUZchOKsoWPZ0p8DjEIcrJb6hWzo9AEFTMb2uKn6yJ5gJo7oIoXzFKCMRUwWCQ2ru5RGHbN2JDcljSJioyRB0eTc2J3LQeCEyQFPaCgbU2eY4IUKdc0INCYelOft2-7vrAvL59HKm-aLX5WKMuOnbfXUZF0FPh_cZiKEKMvaOT9OWznHMmpchn8LCqZSgLoXUV1Alq7rWBI2uSJqpRNXo60zjlT9bEnE8nm47q_bMD9ASia_OH5Pzkz4JTU3Jhc0ZLW-jCxSDxXkPDvW9hIvCWPSQ86QJTmiN_4VJkSoBqO7yJYOs5G4nzBb9xAz4KzggGTSTucgo9eg-pcx7sULAO9Wq-FeasvzhFGgu6C6UNE-tMP7sbRPKiIHK9VVqFJRxgKSBHFy6ic2vk621xj-sirUWsThNMfSE_TxYg9ZhC-Fg

Domain: 44.228.85.26
URL: https://44.228.85.26/is

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.pva.org/	1969-12-31 23:59:59	Name: market_source__utm_source Value: moorettd
secure.pva.org/	1969-12-31 23:59:59	Name: market_source__utm_medium Value: display
secure.pva.org/	1969-12-31 23:59:59	Name: market_source__utm_content Value: DRTVDisplay
secure.pva.org/	1969-12-31 23:59:59	Name: market_source__utm_campaign Value: TVR23JU
secure.pva.org/	1969-12-31 23:59:59	Name: market_source__initial_referrer Value: (none)
secure.pva.org/	1969-12-31 23:59:59	Name: cookies_enabled Value: 1
.pva.org/	1970-01-20 09:51:08	Name: _gcl_au Value: 1.1.1546727395.1669292073
secure.pva.org/	1970-01-20 17:17:32	Name: Springboard Value: 4anab6ZIGPzQlC9oBZ5ERIOlv%2BWZVqqoidICsZjRqAnovbDIqJn7Uh2HyFHZ73em
.bing.com/	1970-01-20 17:03:08	Name: MUID Value: 2A37B7BB9AA964FA1783A5DD9B056571
.pva.org/	1970-01-20 07:42:58	Name: _uetsid Value: 8e03d4f06bf111ed987b1de1221d576b
.pva.org/	1970-01-20 17:03:08	Name: _uetvid Value: 8e03b6d06bf111ed887599baa875e445
.pva.org/	1970-01-20 17:17:32	Name: _ga_VFDSNZZS7J Value: GS1.1.1669292073.1.0.1669292073.0.0.0
.pva.org/	1970-01-20 17:17:32	Name: _ga Value: GA1.2.1220429543.1669292073
.pva.org/	1970-01-20 07:42:58	Name: _gid Value: GA1.2.1849104720.1669292073
.pva.org/	1970-01-20 07:41:32	Name: _gat_UA-2917786-1 Value: 1
.pva.org/	1969-12-31 23:59:59	Name: cebs Value: 1
.pva.org/	1970-01-20 09:51:08	Name: _fbp Value: fb.1.1669292073330.312954682
.doubleclick.net/	1970-01-20 17:03:08	Name: IDE Value: AHWqTUl1ZrEPsk9L4iGPoIj1Es4VWhKDjoO0iT2Su-cjgBAkcR9IxpVNxBLBv-diK_w
.pva.org/	1969-12-31 23:59:59	Name: cebsp Value: 1
.pva.org/	1970-01-20 16:27:08	Name: _ce.s Value: v~e33b9ee384f61854096a568d1c57eff276dcc4d9~vpv~0~v11.rlc~1669292073494~ir~1
.steelhousemedia.com/	1970-01-20 17:17:32	Name: guid Value: 8f257379-6bf1-11ed-bcb9-09b22f181849
.px.steelhousemedia.com/	1970-01-20 17:17:32	Name: tt Value: "H4sIAAAAAAAAAKtWMjY0NjaMN7IwtlCyMjQzszSyNDIwNzM1NNJR8guKh8qaWxorWRnoKJUpWaGIg3UZ1AIAO04NJkYAAAA="
.steelhousemedia.com/	1970-01-20 17:17:32	Name: rt Value: "MzEzMzE6MTY2OTI5MjA3Ng=="

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://secure.pva.org/js/bootstrap-4.3.1.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secure.pva.org/js/popper-1.14.7.min.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10339774.fls.doubleclick.net
44.228.85.26
adservice.google.com
api.hubapi.com
assets-tracking.crazyegg.com
bat.bing.com
connect.facebook.net
dx.steelhousemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
match.adsrvr.org
pagestates-tracking.crazyegg.com
protect-us.mimecast.com
pva.gospringboard.com
px.steelhousemedia.com
region1.google-analytics.com
script.crazyegg.com
secure.pva.org
stats.g.doubleclick.net
tracking.crazyegg.com
use.fontawesome.com
ww.steelhousemedia.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.google.de
www.googletagmanager.com
44.228.85.26
protect-us.mimecast.com
13.225.85.149
13.32.27.106
142.250.185.230
15.197.193.217
151.101.194.130
2001:4860:4802:32::36
2001:4860:4802:34::178
2606:4700:4400::ac40:9a55
2606:4700::6811:43b0
2606:4700::6811:71b0
2606:4700::6811:cacc
2606:4700::6811:d3cc
2606:4700::6813:9308
2606:4700:e2::ac40:840f
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c08::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.243.232.139
44.233.136.7
44.238.130.186
54.69.84.146
99.86.4.31
0045273fe3b4f81665145a395346b335e13500f74c5812c323c581a88b47e97a
0793c9176ee6b4f5e8eff2f6ad794b734d1ea5472e3829f213637fa7e84ae7c6
0aed456a12bd061e676434377e12edea0d6b2eeb3f76645ce38c87a2595b8c3c
0c7cdb5575aef3cb2d1acab96f003af6699a1bddbdf963ab2749756e411d787c
14aa5f84d92552c95f214c92a33e056a8739a5f8091cb57c5effcf3b5bff3b07
150a5122614b13408ab1fb2e698bc12fa07b0ae73a7ae878c5214c85ab413ae8
202da7243545e62a15c917c50faa62d059cfd74b025ab27f3ade1684e6683c0a
243a883105300b38802320171655c86d0f974ebc339a319228b9d91363eb93be
257388e503daa93cd2fea271cfea1e6444d9d36564aeb3fc0451458a5aada329
25a15950809a0db69413a014fed30040ac0beb488c5b35264b3a7d14c05dec54
29a1e1021e134a86ce5ef524e17d465075a14f162d6b47e9a5c433c18819175e
3e1ddbec6cde27710c2d308740a8a0d75b967a827cdceecd9037f99b90392fa3
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
45f97a1f00cd5aaa7a0e2ae8a3a47031764054e46fa624f71043b618b4c2398b
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
4b7bb6a6825655acb3c458d84bce12e5ad49b6b3da15b136bd66afc6982d971d
4b959aa777429c30591c029b1948b999bfe9b51abaf8a8b5b1a6f6231338434c
507f100c6dccad72e4ec52b1548e182c883de6575d1288605b0953460d538ffc
55d404a72e9cb44d86c80ddb94bf3e6c059b8a6fc09f3eabb8cd4a4651cf317c
5b780b2963cd6466c7e0e62a415a33b7aaa3642ee200df24f511be5f5f901540
5b9b5865ed0961c917a312c6250f5f9a88047ce76651f5489794e9f780f35373
5d2cd365b3b269f1158f37f186e84987c740498ea1b3dd1d942342f472c6350b
65594aeb9882541c0023d7bb75ac335e18c00096adcff2a239cd0d579e0aa8ce
65eb2371a38cc91fd50cd4b0e76199c446c0a6360e0e8a8d19fade0b1127f6b2
67b5fc09add0c0bdd33c8b1c462e0594650e10bd96b9ac40a19f3fd19912905b
6cc35ca80a8e729541e15198c3a17d1c338d1df6f7eb7bf086ad1fafaee47313
714094fa0cba3a184b48109c5fc578a698436ee70a3e22d6c1a4b1d2612b787d
73f3f8243743b55b31cc0804ebe007cf13fc7af47137ed8cf4b0a9ae9378c9bd
74bfee7bbb613ae636355a875ad519f5c3ecff155a5063fd28a3864c119dc58c
75df158d631c9a7cc0307f11c7d02a15ae6aac11eabb66a6889c746a39d322ab
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
79b4434cc678e6553ef303c51bfc8a73022fcada5916b3a7ad6cff5b10c77130
808c312b2d65429ae6c6fe9eb656951755c833773ce981dcff9939155237e643
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9671b45702c59040fe1e30c2ee8f490e5f5a756503cbb5af44fbe84c78b229de
9909b4d889445b2a5d83e7d1dfabe303cc01fd45ea8a4e00e47ae6d432161a19
995da7831c463b9fb934f20b6d698eba8a0ab94c64a1b7bbb2915ebe9ef20624
9c301048d2f6d7740392c8cca42bd6f53fabb21c8ff92a82e510b0dd9c3a46c3
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a157f2810bd569f8ac3ae5e983237eef42026126c1c215d4fbfa743459c30c62
aac1d59d963b1f540843980147a017ff03418f67fce50d60ac37ce81996fe84c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b64dca745780a7d5b07812e2ca957d2ce3a9c396c474c8f521d3cb05fc40755c
bbac985b0778673b004c35e3157192d9fcbc301ee834b97359e1c3f4144caf4b
bc3642bd3e57dcce7834e76a6c5f456bbb1d44467579a9cabfff069ee9f31cdf
bde3b6f7a692affe1f0b243a8a69b96ae32df029b8348c45d9a7beee3b4b86c7
be6b2f47bb17982e415cbc86b4962cafb90e04d778c26a94b16a302e0f11c270
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e
c5430da54a5920986cc74cafad2d15fc57689d24c24350389dd7f1552f87e89f
c77631c1d356d59a99936682a83dea0c3f339a5b8163f8bbb18bb2d5d9993261
ca17697042f4b65cfbd37638ef574652e0e18aefcad70ae502212d430270efd1
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d75c09a0bfbe4c0267d9ad629fac56588c2c0f10bc0ff984e720de5aba1f6d56
d96b5e4399e113c943685b8ecf6e6c5435e1dc52e7ac77a24e28672edd890e82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e14ac93e32a6b8bcd255f53ad8d3230ec4c911f5836d8683f22f85b9a087aee9
e163bdaf205d856a0e641e334e102aaf80de016273808ca054f4d6e44bddb79f
e18e53c226d26c31147ddfb96a849f7b9d9fe6ed2d74f1ddda01476af47c5b63
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4609cdc03d1fb0e809715803e9687090f1bd88028364b67879776276e59a2ff
f99d474d7a7837388ed53be99b39fb8d05798a8788dbfc7e8d73e4d0499dbe6a
f9db89376b035b63954f5b8a4abdef693e8a5fc26540a844102cf9bbe4a09904

secure.pva.org Open in urlscan Pro 151.101.194.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

96 %HTTPS

68 %IPv6

24 Domains

35 Subdomains

32 IPs

4 Countries

1475 kBTransfer

3523 kBSize

23 Cookies

4 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.pva.org Open in urlscan Pro
151.101.194.130 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

96 %
HTTPS

68 %
IPv6

24
Domains

35
Subdomains

32
IPs

4
Countries

1475 kB
Transfer

3523 kB
Size

23
Cookies

90 HTTP transactions
0 data transactions