givenow.lls.org Open in urlscan Pro
2606:4700::6812:7115 Public Scan

URL: https://classy.org/give/299329/#!/donation/checkout
Title: Donar

URL: https://www.lls.org/ways-to-donate/donate-crypto
Title: here

URL: https://www.classy.org/terms/
Title: Terms of Service

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

URL: https://www.classy.org/terms
Title: Terms of Service

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

URL: https://www.lls.org/sites/default/files/2021-08/Donate-by-mail-form-8-21.pdf
Title: mail

URL: https://www.charitynavigator.org/index.cfm?bay=search.summary\u0026amp;orgid=3993

URL: https://www.guidestar.org/profile/13-5644916

URL: https://greatnonprofits.org/org/the-leukemia-lymphoma-society

URL: https://www.charitywatch.org/charities/leukemia-lymphoma-society

URL: https://www.lls.org/article/refund-policy?_ga=2.131356364.2115204755.1657652971-145610482.1654635694
Title: Refund

URL: https://www.lls.org/article/privacy-policy?_ga=2.131356364.2115204755.1657652971-145610482.1654635694
Title: Privacy

URL: https://www.lls.org/article/copyright?_ga=2.124539465.2115204755.1657652971-145610482.1654635694
Title: Copyright

URL: https://www.lls.org/article/security?_ga=2.124539465.2115204755.1657652971-145610482.1654635694
Title: Security

URL: https://www.lls.org/article/disclaimer?_ga=2.124336969.2115204755.1657652971-145610482.1654635694
Title: Disclaimer

server-65-9-95-128.prg50.r.cloudfront.net

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.e.lls.org/?qs=48f44d8372f7673a239a3f3e62a1610c2dba01bbaaa0219d828537827498b17c16da1567cd15aa352aa05587985fd225b79de00b41a0a435bad1cf6b35598110 HTTP 302
https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://givenow.lls.org/ HTTP 301
https://givenow.lls.org/give/342076/

Request Chain 115

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgst;ord=9205260222087;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986 HTTP 302
https://8977078.fls.doubleclick.net/activityi;dc_pre=CPDNkISkxvwCFYxOwgodVo8G5A;src=8977078;type=allpg;cat=allpgst;ord=9205260222087;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986

Request Chain 116

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgun;ord=1;num=8638746598057;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986 HTTP 302
https://8977078.fls.doubleclick.net/activityi;dc_pre=CKLdkoSkxvwCFVZUwgod32QPlA;src=8977078;type=allpg;cat=allpgun;ord=1;num=8638746598057;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986

Request Chain 124

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=912539043203294500 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=912539043203294500&dcc=t

Request Chain 140

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=app_star;cat=donatest;ord=1;num=5751521390507;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986 HTTP 302
https://8977078.fls.doubleclick.net/activityi;dc_pre=CNTfkoSkxvwCFc9NHgIdJI4Ojw;src=8977078;type=app_star;cat=donatest;ord=1;num=5751521390507;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986

Request Chain 142

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=898800766207011800 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=898800766207011800&dcc=t

Request Chain 188

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1386838610&cv=11&fst=1673672527987&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=UDfCY7vcDpHJmLAP_9qQwAc&sscte=1&crd=&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgP4-49IeBLliVfPbVDdQDOYDdjAHtrU51Q&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZUJhb2JtdkFLUWJ5a1ZLaW0tLVBqbGkxSy1YN2NINHJaYi1nTlZpUGk1cUVEak5iczhfa3A4 HTTP 302
https://www.google.com/pagead/1p-conversion/1070099938/?random=1386838610&cv=11&fst=1673672527987&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZUJhb2JtdkFLUWJ5a1ZLaW0tLVBqbGkxSy1YN2NINHJaYi1nTlZpUGk1cUVEak5iczhfa3A4&is_vtc=1&ocp_id=UDfCY7vcDpHJmLAP_9qQwAc&cid=CAQSKQDq26N9NHXSSmdjWw4hTdhbSODTzm4AYZnhAPmOurEgPjQ_OoF6tuMzIBM&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgMmBQTRRnW77LwFeKzbhiCUp2Atou5A2fo&random=1841767409 HTTP 302
https://www.google.de/pagead/1p-conversion/1070099938/?random=1386838610&cv=11&fst=1673672527987&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZUJhb2JtdkFLUWJ5a1ZLaW0tLVBqbGkxSy1YN2NINHJaYi1nTlZpUGk1cUVEak5iczhfa3A4&is_vtc=1&ocp_id=UDfCY7vcDpHJmLAP_9qQwAc&cid=CAQSKQDq26N9NHXSSmdjWw4hTdhbSODTzm4AYZnhAPmOurEgPjQ_OoF6tuMzIBM&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgMmBQTRRnW77LwFeKzbhiCUp2Atou5A2fo&random=1841767409&ipr=y&prhg=0&ezwbk=AZuM4hDMLueHhrVO87tnx8BSl5ToGonst1RpNSM0TS7g_Q-nJrRIUKAyKiDiRhR9ES1I01lGLSX-hv_FBSPxW951fqMY

Request Chain 189

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/779965559/?random=1668165553&cv=11&fst=1673672527985&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=UDfCY9LZDq2MmLAPs7qN0AI&sscte=1&crd=&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgPcANF85WEw8bpcsu3PU0OJFAC8xIslN_0&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZWJfdlFsMDhKSHpGend1Z1Z6WUs1QjY5Ty1mRHlWZXRhcjJfYU5JNnduMDJKeHZLenZYbUJo HTTP 302
https://www.google.com/pagead/1p-conversion/779965559/?random=1668165553&cv=11&fst=1673672527985&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZWJfdlFsMDhKSHpGend1Z1Z6WUs1QjY5Ty1mRHlWZXRhcjJfYU5JNnduMDJKeHZLenZYbUJo&is_vtc=1&ocp_id=UDfCY9LZDq2MmLAPs7qN0AI&cid=CAQSKQDq26N9YZtfK8Iesr6oBK1K7ARkFhk2Je5BLZb8QMfJCDbF2L6tS8GoIBM&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgNN9RIy6-Bs8CcevIb8u5t4HlvoIeYZ8jA&random=3181740069 HTTP 302
https://www.google.de/pagead/1p-conversion/779965559/?random=1668165553&cv=11&fst=1673672527985&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZWJfdlFsMDhKSHpGend1Z1Z6WUs1QjY5Ty1mRHlWZXRhcjJfYU5JNnduMDJKeHZLenZYbUJo&is_vtc=1&ocp_id=UDfCY9LZDq2MmLAPs7qN0AI&cid=CAQSKQDq26N9YZtfK8Iesr6oBK1K7ARkFhk2Je5BLZb8QMfJCDbF2L6tS8GoIBM&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgNN9RIy6-Bs8CcevIb8u5t4HlvoIeYZ8jA&random=3181740069&ipr=y&prhg=0&ezwbk=AZuM4hCzeWKZcfJG1QND5E4D9zM986e_1KBuDIGqDf0LAt0eTIP0fP-Y2MDPKAag0H0Bg6rs3JJs6ROdPQXAC4sGpgVm

Request Chain 192

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1136262255&cv=11&fst=1673672528167&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=UDfCY-zpD4fH1wb8lKDIBw&sscte=1&crd=&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgNgtUuKYakYE4mKlTACD8QGxYd3ihIjZUI&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZVl4T2xrTGhpU3BLZGhEalU0X0JkWUFIeWlzakpDRWJKWmRyLUFSd0drcWtvVGdNNHkwWkhM HTTP 302
https://www.google.com/pagead/1p-conversion/1070099938/?random=1136262255&cv=11&fst=1673672528167&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZVl4T2xrTGhpU3BLZGhEalU0X0JkWUFIeWlzakpDRWJKWmRyLUFSd0drcWtvVGdNNHkwWkhM&is_vtc=1&ocp_id=UDfCY-zpD4fH1wb8lKDIBw&cid=CAQSKQDq26N93UiyXiRcTMhUboUDeskP5nBbKymYg3CIMl7ydvrRDj7glPyWIBM&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgNpA_9CgogxbaAfszaagqpd2UBhwMarDT0&random=174878127 HTTP 302
https://www.google.de/pagead/1p-conversion/1070099938/?random=1136262255&cv=11&fst=1673672528167&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZVl4T2xrTGhpU3BLZGhEalU0X0JkWUFIeWlzakpDRWJKWmRyLUFSd0drcWtvVGdNNHkwWkhM&is_vtc=1&ocp_id=UDfCY-zpD4fH1wb8lKDIBw&cid=CAQSKQDq26N93UiyXiRcTMhUboUDeskP5nBbKymYg3CIMl7ydvrRDj7glPyWIBM&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgNpA_9CgogxbaAfszaagqpd2UBhwMarDT0&random=174878127&ipr=y&prhg=0&ezwbk=AZuM4hAG9z7KmqyfDMD9ex-tXhB3qwl-XGpeN4Jc7dMiPAUZgCSzHDlqE5InEWzK5G3tM4hJVOi_O7x5SfiqeH59wzYa

Request Chain 252

https://ib.adnxs.com/setuid/a9?entity=188&code=NwEiRz85RZCRux6KV0SOkw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DNwEiRz85RZCRux6KV0SOkw%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=NwEiRz85RZCRux6KV0SOkw

Request Chain 254

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=219783204396000255122&ex=neustar.biz

Request Chain 255

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=FErG4E8MTBWc1dO3je-TEA&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=FErG4E8MTBWc1dO3je-TEA&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y8I3UaCmvoy8f5BMrA-aqgAA

Request Chain 256

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3ceed62b6414fa2bad889bdbe469c103

Request Chain 257

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 258

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=GZ2aaXs1Reu92WeKyoNHxg HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=GZ2aaXs1Reu92WeKyoNHxg&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=GZ2aaXs1Reu92WeKyoNHxg

Request Chain 259

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=003ae79b-9057-409d-aa05-c85860974c35

Request Chain 262

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 263

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 265

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=15ea75cc-e6f9-4a0f-987e-3612993d01cd&ex=improvedigital.com

Request Chain 267

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=1098e3a4a8bd67b75

Request Chain 268

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aE5taiWYQjykVjHn1zSRTw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aE5taiWYQjykVjHn1zSRTw

Request Chain 269

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=lOkFEUSKSk2CCDBmTULYjA&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=lOkFEUSKSk2CCDBmTULYjA

Request Chain 270

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=g3assmw1QGqGymNeCDviIg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=g3assmw1QGqGymNeCDviIg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=90593307181902252891720279266256523666

Request Chain 271

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=vVj-ZIJ7TjyoqAcJl7s55w HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812439020702829142&gdpr=&gdpr_consent=

Request Chain 273

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=7903695190915005722

Request Chain 274

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=9992ff25-93c8-11ed-b770-160292010306 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=9992feeb-93c8-11ed-b770-160292010306

Request Chain 275

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22f804e1c1-a2a1-492b-ad8e-04d6b8f94efa%22,%22Time%22:%2220230114T050209.750081%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f804e1c1-a2a1-492b-ad8e-04d6b8f94efa

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEObLiRDSzqSM40uNoCAXDBQ&google_cver=1

Request Chain 278

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f9cd3c54b9d6bbbc06391b9112462dc3

Request Chain 280

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KpAAYfCS9PTMLdN41Wq0nzc4ZBA4ZgIC

Request Chain 282

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=606388ED81414D40

Request Chain 283

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=3607599579682165127&ex=appnexus.com

Request Chain 284

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=tFvIQJn6Qn6lr8fBcdKtsg&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=tFvIQJn6Qn6lr8fBcdKtsg

Request Chain 285

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=E5_HODhPBcGxpX3bHq5Pbg&ex=rubiconproject.com&status=ok

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Bd_Y3fPqTsawNWiWiHlOlg& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 288

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D5237C263D568057702D8A26E

Request Chain 289

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=395fc3632f8e8e0ad0d12ee4c1de082c9bd91c5e7717b85bda01849f62fb96d9

Request Chain 290

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=B0ED5F03-9CC4-495F-8F31-D10DDB0B552A

Request Chain 291

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=334a3868-71d1-45da-80f3-789d7f227bf2-tuctabbbcd2

Request Chain 293

https://ib.adnxs.com/setuid/a9?entity=188&code=z-CVcBwCRxu00dsRz754bQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3Dz-CVcBwCRxu00dsRz754bQ%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=z-CVcBwCRxu00dsRz754bQ

Request Chain 295

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=219103204396000254963&ex=neustar.biz

Request Chain 296

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=7_cuFpPpTjWUnaQDfb8gmg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=7_cuFpPpTjWUnaQDfb8gmg&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y8I3UaCmvoy8f5BMrA-aqgAA

Request Chain 297

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3ceed62b6414fa2bad889bdbe469c103

Request Chain 298

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 299

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=FOUUU8jTT1e8NpsK1F08RA HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=FOUUU8jTT1e8NpsK1F08RA&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=FOUUU8jTT1e8NpsK1F08RA

Request Chain 300

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=003ae79b-9057-409d-aa05-c85860974c35

Request Chain 303

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 304

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 306

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=74d15e90-bd40-4a37-be14-574bea13bbc4&ex=improvedigital.com

Request Chain 308

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=1098e3a4a892852ba

Request Chain 309

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=pgitlfSgQJCgGgTsie1tEQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pgitlfSgQJCgGgTsie1tEQ

Request Chain 310

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=0i6zjUo0RHChgbuRn9zIFw&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=0i6zjUo0RHChgbuRn9zIFw

Request Chain 311

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=gurjfSdiRK2ESO-56LAY_g&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=gurjfSdiRK2ESO-56LAY_g&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=33170272415100601293612578458921607712

Request Chain 312

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=KTSgHQLTRla3jjL7iRVkQA HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10809976114470966457&gdpr=&gdpr_consent=

Request Chain 314

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6109780412877632497

Request Chain 315

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=99930504-93c8-11ed-a0af-1fe3cd8f0306 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=99930497-93c8-11ed-a0af-1fe3cd8f0306

Request Chain 316

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%221975fd5c-0ff6-4634-8406-1e91bdc9cf6a%22,%22Time%22:%2220230114T050209.746971%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f804e1c1-a2a1-492b-ad8e-04d6b8f94efa

Request Chain 317

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEObLiRDSzqSM40uNoCAXDBQ&google_cver=1

Request Chain 319

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3a6857ada0881ca232fb9d5c3faded00

Request Chain 321

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KpAAYfCS9PTMLdN41Wq0nzc4ZBA4ZgIC

Request Chain 323

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=606388ED81414D40

Request Chain 324

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=3607599579682165127&ex=appnexus.com

Request Chain 325

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=sV3RM2rSSU69dqNP0RdpaA&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=sV3RM2rSSU69dqNP0RdpaA

Request Chain 326

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=teygKrmQil8BsprIiT2O98WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 327

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=ySJ4sppwS7y7WxFrcD9pvA& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 329

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D5237C263D468D976022C7B61

Request Chain 330

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=395fc3632f8e8e0ad0d12ee4c1de082c9bd91c5e7717b85bda01849f62fb96d9

Request Chain 331

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=69031F88-84D8-4421-AA27-C5932B461D57

Request Chain 332

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=219be981-6b01-4956-801a-bb22d5bdc501-tuctabbbcd2

370 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
givenow.lls.org/give/342076/
Redirect Chain

http://click.e.lls.org/?qs=48f44d8372f7673a239a3f3e62a1610c2dba01bbaaa0219d828537827498b17c16da1567cd15aa352aa05587985fd225b79de00b41a0a435bad1cf6b35598110
https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

420 KB
65 KB

1158ms
1102ms

Document
text/html

2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1557f2fc1cf81de2dbe580a70fc3859a8ad6a13256744b7c51c33fb824d9cabb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7893d141a8fe9ba0-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 05:02:06 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 297
Content-Type: text/html; charset=utf-8
Date: Sat, 14 Jan 2023 05:02:04 GMT
Location: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986#!/donation/checkout

GET
H2 200 main.css
prod-frs.content.classy.org/prod/17685/static/frs/ 1 MB
141 KB 66ms
45ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17685/static/frs/main.css

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c6f61e241a28b48bd17b2ee4c90de5d7e12a502fda986bb75072959f9bb8e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: HR8M9GVMTV8VDBW0
age: 16218
cf-polished: origSize=1111121
x-amz-id-2: cJFMU9O/JndCB6+RLeptT1h9qwC8Qu3aBE+3mWBvLLJ9L6vVzReu8xRZa/FWd+YwdQCXS4hr+84=
cf-bgj: minify
last-modified: Tue, 10 Jan 2023 18:16:22 GMT
server: cloudflare
etag: W/"c67701aac2ea8febf41e87399e7b555e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7893d148ddea8fee-FRA

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 145 KB
20 KB 376ms
181ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b4cb861c0a96921bd708714737d480605c5328b0be8f182c8865ca12e8b694d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:06 GMT
content-encoding: br
last-modified: Thu, 12 Jan 2023 15:41:46 GMT
server: nginx
etag: "63c02a3a-4ffe"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=600;
content-length: 20478

GET
H2 200 rocket-loader.min.js Show response
givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 10:27:05 GMT
server: cloudflare
content-encoding: gzip
etag: W/"63bd3d79-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7893d149d92c9ba0-FRA
expires: Mon, 16 Jan 2023 05:02:06 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 69ms
46ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://givenow.lls.org/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:06 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7893d149f91f914d-FRA

GET
H2 200 onetrustConsent-1539020710655.js Show response
prod-frs.content.classy.org/prod/17685/static/onetrust/ 50 KB
12 KB 25ms
23ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17685/static/onetrust/onetrustConsent-1539020710655.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: HR8H0GNGHDV81DG4
age: 16217
cf-polished: origSize=54583
x-amz-id-2: uTUR7eAXDu31lsVNgBqmjtVpeqGCVDCb0D8Pi75yxGAM1wJPkRAE8UEg5PukusTxchiocQLTh/Y=
cf-bgj: minify
last-modified: Tue, 10 Jan 2023 18:16:23 GMT
server: cloudflare
etag: W/"64c3a4446a1c238c4df7f2db78163772"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7893d14b1f498fee-FRA

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 18 KB
5 KB 547ms
131ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e7d595f9089209fce023a961d31ea386f600d32a44094e000d830bc7bdd4e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 05:02:06 GMT
last-modified: Tue, 27 Dec 2022 16:48:20 GMT
etag: "0a2816131ad91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4568
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 37ms
17ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:06 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1887544
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GMZ2CRQS59VZE35ZP316CZV0-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7893d14b3b2c2bc9-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/17685/static/frs/donation/ 182 KB
37 KB 43ms
41ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17685/static/frs/donation/module.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36da7922155ff7da3f44bf56a5dda5bd809145be986495fcfd5fd7bb5204eca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:16:22 GMT
server: cloudflare
x-amz-request-id: HR8V3CRRAEDKDWS9
age: 16217
etag: W/"ab8e94571f6a70f53e8767523989605c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7893d14b1f4c8fee-FRA
x-amz-id-2: PlHBBFCtNMuZlB0XN3tRSoyRS0xSSJUhb8D/Hml65c9PLSju3g4yT97Kxt0C8/iQstUdQa00YuM=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/17685/static/global/ 2 MB
367 KB 32ms
30ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17685/static/global/module.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd2f7f82c5d02ecdcb65071a242d9a735c8ce38af7fb7f9d1a427926ea4403a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:16:22 GMT
server: cloudflare
x-amz-request-id: GT2ASMAGZGYT6KKE
age: 16381
etag: W/"b979b1b5aa9615c648769b407a2d8a8c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7893d14b1f4d8fee-FRA
x-amz-id-2: hzII0kAW6EMVCDeeGloIfRWx7W1tQu6DL6KCPfByX4Ab5HcRbqYym/lTBpj1QCxE2nu1dkqtenk=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/17685/static/global/ 1 MB
430 KB 48ms
45ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17685/static/global/libs.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:16:22 GMT
server: cloudflare
x-amz-request-id: GT2EEJ708J8F5DXT
age: 16381
etag: W/"772e1301b871cc2545926cb86ee5965f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7893d14b1f4e8fee-FRA
x-amz-id-2: d+8KVKXvEnYtEu2EokHhhgkBZUjHDUdn9I4TX4O2YHTPUgzH4SWWLthN4FWfa7qafPPuoKHUqEg=

GET
H2 200 braintree.js Show response
js.braintreegateway.com/v2/ 175 KB
50 KB 111ms
27ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/v2/braintree.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2f57fab97c15bf3519176fcd494f12d36d24ca3d761a787a1e66a1058bc6b30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
date: Sat, 14 Jan 2023 02:56:54 GMT
last-modified: Wed, 04 Jan 2023 18:48:40 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 7512
etag: W/"63b5ca08-2bc3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 4xTlCTZiPwY9ANoSRpDo1twc2ZQ2eP8k_JBT4kls4FeL94uC8V0esQ==
expires: Sun, 15 Jan 2023 02:56:54 GMT

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 124 KB
40 KB 104ms
31ms Script
application/javascript 65.9.66.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da4db02386d6424ba6849943b05b0cda88d3bc401b841a257558104473a6d708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 17:15:19 GMT
x-amz-version-id: jpK0olNqX_OlL3WkSqwD3UxjE.QWPyzV
content-encoding: gzip
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-amz-request-id: D373KM4T6TV9FFKB
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 42408
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: tNfNC56dRO3S43YjwbZ30k9ytougOESuUq79+lIHix7uRVagD0ZxLyKsrz5TKU0AiD/YT+ErUhw=
last-modified: Fri, 13 Jan 2023 17:00:55 GMT
server: AmazonS3
etag: W/"7ee4db09b878cf44d2fce5e5695e9e83"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: _e4hNrp-GiMVkjym5GhBPy6Jw5huhGaErNKTYNDgm5nJ5psXVWAKWg==

GET
H2 200 / Show response
js.stripe.com/v3/ 421 KB
102 KB 133ms
28ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a23-206-209-10.deploy.static.akamaitechnologies.com

Software

Cloudfront /

Resource Hash

b9cfe7f6bd7477a998ffcd2270e9b54395f7cf1da65bc7f254c9d24900758e4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 05:01:46 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 21
x-cache: Hit from cloudfront
last-modified: Fri, 13 Jan 2023 20:09:34 GMT
server: Cloudfront
etag: W/"20cebbce2a283351093968eda40cb516"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: PmKW0v72nHFbxj1TmcH_KGPT1lH7RmqYE7AYd7GEUDxMpUPQCQwABQ==

GET
H2 200 20864580600.js Show response
cdn.optimizely.com/js/ 441 KB
118 KB 104ms
25ms Script
text/javascript 2a02:26f0:dc:38e::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/20864580600.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:38e::13b8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

505cdbac9b420f42f0042aed23d13484633275ed1dd1423ea2cdc51fd1ea163f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: WwZlRdMtXxaYovXXm5OX19IhVb8jLDwz
content-encoding: gzip
date: Sat, 14 Jan 2023 05:02:06 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 4280FZB3Z9R86T38
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 2964
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="29";dur=0,cdnip;desc="2a02:26f0:dc:38e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
content-length: 119743
x-amz-id-2: jWSiKWZ8m9oTJievTojw4KK/lFhxs4V9DTlX8hhYQyVFCeh9GKEmupcBSaHAI3I3bNgEY6UsJRXMM0vbSmKK2Q==
last-modified: Fri, 06 Jan 2023 20:33:31 GMT
server: AmazonS3
etag: "beda98f4922734b2884a40ff9615230d"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 430 KB
92 KB 94ms
92ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: c708901cf4bffe0cdbed398e364d9f672b23a7da330593a5ea8f522af945c1d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:06 GMT
content-encoding: br
last-modified: Thu, 12 Jan 2023 15:41:44 GMT
server: nginx
etag: "63c02a38-16e5a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=600;
content-length: 93786

GET
H2 200 a20864580600.html Show response
a20864580600.cdn.optimizely.com/client_storage/ Frame CBDF 3 KB
2 KB 417ms
386ms Document
text/html 23.206.209.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a20864580600.cdn.optimizely.com/client_storage/a20864580600.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.209.10 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8af5f37fe9eeb5ef3eb17d72f394804600af016ed5ac75e2447bcaac34bcbe24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 1054
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 05:02:07 GMT
etag: "4f607a69e6975e1edb3b872076138760"
last-modified: Fri, 06 Jan 2023 20:33:23 GMT
server: AmazonS3
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="23.206.209.10";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: Ex6/lJVbIkRXz0NVNHEbxWOX3ihd98NMt1qm6S1ARwEszK2B+cRUbaku6uVmoeIiFcoTVz163i4=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: CPSZDSEYJ3HRGPHR
x-amz-server-side-encryption: AES256
x-amz-version-id: FUyuQ70D9zB3VL5tSYzmw6PdIKX2N0F9

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 04:30:51 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1875
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 14 Jan 2023 06:30:51 GMT

GET
H2 200 heap-1566116007.js Show response
cdn.heapanalytics.com/js/ 120 KB
38 KB 104ms
43ms Script
application/javascript 65.9.95.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1566116007.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-47.prg50.r.cloudfront.net

Software

nginx / Express

Resource Hash

8a5f8d890df6006830d92b07d982a5b0f7063479fd07aa78df05ad11f0cd9919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:01:09 GMT
content-encoding: br
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: PRG50-C1
age: 57
x-powered-by: Express
etag: W/"1e164-iPiQ32EG0mhQfn9wb5Mdzw"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Ntiu0Hum7B1nFTn3-nBq76R5jdqEFev7cjIxFiCeeeKleJxHxPWN5g==

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 211ms
152ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://givenow.lls.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 14 Jan 2023 05:02:07 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 150ms
148ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://givenow.lls.org/
Bugsnag-Sent-At: 2023-01-14T05:02:06.945Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 14 Jan 2023 05:02:07 GMT
via: 1.1 google
bugsnag-session-uuid: bad53696-cb9e-4e22-b039-2190703627f3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 936 KB
53 KB 72ms
24ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGKK4PM

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b804b5107af06b573b83edb4dac743bce57113dd50fe093e0f43ae410aa93d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53335
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Jan 2023 05:02:07 GMT

GET
H2 200 sdk.js Show response
givenow.lls.org/sso/ 11 KB
3 KB 45ms
45ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/sso/sdk.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

ce3698a4611e0b39df537a8b3ff7db64efc1f77e76d278ba09ce19336deaa6d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Jan 2023 04:59:04 GMT
cf-bgj: minify
server: cloudflare
age: 182
cf-polished: origSize=21336
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 7893d14d7ceb9ba0-FRA
expires: Sat, 14 Jan 2023 05:19:04 GMT

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1458/ 0
45 KB 8ms
8ms Other
application/javascript 65.9.66.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1458/link-dynamic-loader.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 17:15:22 GMT
x-amz-version-id: UGvquGEYOHnqN8aIm6t54DKfb93BS9tn
content-encoding: gzip
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 42405
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 13 Jan 2023 17:00:55 GMT
server: AmazonS3
etag: W/"6f7c871a6cbea0e2b5399cc74ccbf931"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
x-amz-cf-id: fN-TnaBmttqPQhXfM6BD3bjZBkWJZmbEv8CHrUSYWign0ALpxTPsGg==

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 326ms
104ms Image
image/gif 54.156.17.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3917292990020231&v=7342341141338403&s=2557215303044341&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout&h=%2Fgive%2F342076%2F&q=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&d=givenow.lls.org&t=The%20Leukemia%20%26%20Lymphoma%20Society&us=sfmc&um=email&ua=FDA%20Approval_2023013_National&ts=1673672527062&st=1673672527081

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.17.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
31 KB 45ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://givenow.lls.org/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
content-encoding: gzip
x-sp-metadata: HS256.CN+KiZ4GEpMBCiQ4MTNhYmQ1YS1mODQzLTQzZjItYWViNy05OWNhNmRhOTExMzgQ+OiCoKvU+wIaBgjP7oieBiIYMmEwMDpjOTg6MjAzMDphMDA0OjE6OjExKKqVAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMjMwOTgxMzMtOTFmNi00NTRlLTk5YTItNWI2M2NkZGRmMzU1GO3xASIYCAISFGNkczI1OC5mcjguaHdjZG4ubmV0.kbUnlEXAd0b0gTbOjXdEKJkMqzxtQldE3sMtOOPG71w=
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1673672527.dop142.fr8.t,1673672527.cds288.fr8.hn,1673672527.cds258.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 346 KB
87 KB 31ms
29ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK&l=dataLayer

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8dda9c22c9929351148061dd988e2085d71aa3619b8a9789173789c56f190125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89211
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Jan 2023 05:02:07 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 3D6A 200 B
1 KB 24ms
23ms Document
text/html 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2908
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 04:13:39 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 11 Jan 2023 17:29:24 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-id: 8dj1PLOzAyL4L8gTe5vN3FxzgQwgAQF_UXTA2s595nnQS7rtkK8CtA==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 859.25fcbbf1-1221.js Show response
js-agent.newrelic.com/ 21 KB
6 KB 30ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/859.25fcbbf1-1221.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 017346b900f9ce7cefed1d843e1b339f2251d47eecee24c24d98ebc61c7f1c68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: LcQjPO428dQ4CkCwzu1ctp1i_7pNRF02
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Jan 2023 05:02:07 GMT
x-amz-request-id: DP57Y08ME1JYN1KV
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5994
x-amz-id-2: g6KIulSrcBq5u79X4vZHXq/kFOweKmGVoCOsd0vzK2RR/1wBSfn0TLMjv3As8fwqhCYe/o+a6bU=
x-served-by: cache-hhn-etou8220033-HHN
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
server: AmazonS3
x-timer: S1673672527.176699,VS0,VE0
etag: "955ba8bb9a6f4fec37ed25b54890b88a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3357

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
givenow.lls.org/sso/ssobuild/js/ 22 KB
7 KB 39ms
39ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-162662db0fda6ae6----1673672527161
traceparent: 00-becbc403cf95ef6c0cf04a946a6d9370-162662db0fda6ae6-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxNjI2NjJkYjBmZGE2YWU2IiwidHIiOiJiZWNiYzQwM2NmOTVlZjZjMGNmMDRhOTQ2YTZkOTM3MCIsInRpIjoxNjczNjcyNTI3MTYxfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
X-Requested-With: XMLHttpRequest

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 17:55:22 GMT
cf-bgj: minify
server: cloudflare
age: 8538726
etag: W/"632ca18a-893d"
cf-polished: origSize=35133
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7893d14ece2e9ba0-FRA
expires: Sat, 07 Oct 2023 09:10:01 GMT

GET
H2 200 optanon.css
prod-frs.content.classy.org/prod/17685/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ 22 KB
6 KB 17ms
16ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17685/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: K79DWS8604NM7DEQ
age: 16082
cf-polished: origSize=22581
x-amz-id-2: Y1qJHG8JIonT86u/ALfksV2x2mpsKTR31zbuqG0nqlC7Cp5/SlZSE+ZMMSiRyMVjSqA6folKIKY=
cf-bgj: minify
last-modified: Tue, 10 Jan 2023 18:16:23 GMT
server: cloudflare
etag: W/"5ec3a032a0370bd8e3f63adf430b4617"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7893d14ec97f8fee-FRA

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
183 B 42ms
24ms Script
text/javascript 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery32104220732708690802_1673672526884&_=1673672526885

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7893d14eecb39073-FRA
content-length: 32
vary: Accept-Encoding
content-type: text/javascript

OPTIONS
H2 200 /
notify.bugsnag.com/ Frame 0
0 182ms
147ms Preflight 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://givenow.lls.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 14 Jan 2023 05:02:07 GMT
via: 1.1 google

OPTIONS available_campaigns
app.five9.com/appsvcs/rs/svc/orgs/ Frame 0
0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 31ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: 2b4ea37ec31f94cc477c23b52eb3602b05b321f6e629109cd138aac2fa081eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 05:02:07 GMT
Content-Encoding: gzip
Age: 1087
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 29165
Last-Modified: Sat, 14 Jan 2023 01:47:45 GMT
Server: ECS (frb/67E0)
Etag: "1f7a9d98d378a9b1ef4dcec793a1c434+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 71ms
34ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sat, 14 Jan 2023 05:02:07 GMT

GET
H2 200 c.min.js Show response
cdn.c212.net/ 747 B
1 KB 86ms
22ms Script
application/javascript 2600:9000:2127:ac00:16:cfb1:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c212.net/c.min.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ac00:16:cfb1:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 13:50:59 GMT
via: 1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jan 2020 19:12:36 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 54669
etag: "9f5634a151b9e5ecb2adec9462f783d6"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 747
x-amz-cf-id: hgu1jxOwA7YDak9VH_8dCffwkn63oihRZgTzOIrwvpoAbeMqe7Xz4A==

POST
H2 200 / Show response
notify.bugsnag.com/ 2 B
113 B 160ms
159ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4.0
Referer: https://givenow.lls.org/
Bugsnag-Sent-At: 2023-01-14T05:02:07.340Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 14 Jan 2023 05:02:07 GMT
via: 1.1 google
bugsnag-event-id: 63c2374f00aab512fac70000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8

GET available_campaigns
app.five9.com/appsvcs/rs/svc/orgs/ 0
0

GET
H2 200 market-data Show response
givenow.lls.org/frs-api/crypto-giving/BTC/USD/ 35 B
123 B 410ms
409ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/crypto-giving/BTC/USD/market-data

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b60a236b7524fe163a7c44f858978b916060e9dbd4bd4cec334af6b02a9c705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
tracestate: 423787@nr=0-1-423787-363751183-d6a0af8d3bda2b15----1673672527407
traceparent: 00-4ffb7a4d7fa98008bbf9490eef017500-d6a0af8d3bda2b15-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJkNmEwYWY4ZDNiZGEyYjE1IiwidHIiOiI0ZmZiN2E0ZDdmYTk4MDA4YmJmOTQ5MGVlZjAxNzUwMCIsInRpIjoxNjczNjcyNTI3NDA3fX0=
Accept: application/json, text/plain, */*
csrf-token: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"23-PD2LVnO2CgZF6vhYGZYsNJvDcew"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 7893d1504fb59ba0-FRA
content-length: 35

GET
H2 200 tax-entities Show response
givenow.lls.org/frs-api/organizations/33874/ 397 B
445 B 171ms
169ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/organizations/33874/tax-entities

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecb8db5cce14758494b967647bf771905022f3e68363de55b7440e9f6b65615c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
tracestate: 423787@nr=0-1-423787-363751183-4078e4072c354391----1673672527408
traceparent: 00-881b0759f78ecb4168d7c3d849942980-4078e4072c354391-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0MDc4ZTQwNzJjMzU0MzkxIiwidHIiOiI4ODFiMDc1OWY3OGVjYjQxNjhkN2MzZDg0OTk0Mjk4MCIsInRpIjoxNjczNjcyNTI3NDA4fX0=
Accept: application/json, text/plain, */*
csrf-token: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"18d-JccVDYLjkX8/sTUd67MWdvg9V/M"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7893d1504fb89ba0-FRA

GET
H2 200 channels Show response
givenow.lls.org/frs-api/campaigns/342076/ 784 B
498 B 422ms
420ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/campaigns/342076/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6209385b2dff3d5c09c860be40500f80677b553033fc73754daf8f5ed86ee9dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
tracestate: 423787@nr=0-1-423787-363751183-28ce20f0f75f9c5c----1673672527408
traceparent: 00-bb4f53ee669fc820ff63935ca6d3f5d0-28ce20f0f75f9c5c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyOGNlMjBmMGY3NWY5YzVjIiwidHIiOiJiYjRmNTNlZTY2OWZjODIwZmY2MzkzNWNhNmQzZjVkMCIsInRpIjoxNjczNjcyNTI3NDA4fX0=
Accept: application/json, text/plain, */*
csrf-token: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"310-t1SeSvQHE73QW/sU188g5IOTEgM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7893d1504fb99ba0-FRA

GET
H2 200 ach-account-routing Show response
givenow.lls.org/frs-api/organizations/33874/ 33 B
167 B 436ms
436ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/organizations/33874/ach-account-routing

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
tracestate: 423787@nr=0-1-423787-363751183-fd822c68d243c540----1673672527409
traceparent: 00-be344ce167a114c77ed5207a57c9ff10-fd822c68d243c540-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmZDgyMmM2OGQyNDNjNTQwIiwidHIiOiJiZTM0NGNlMTY3YTExNGM3N2VkNTIwN2E1N2M5ZmYxMCIsInRpIjoxNjczNjcyNTI3NDA5fX0=
Accept: application/json, text/plain, */*
csrf-token: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7893d1504fba9ba0-FRA
content-length: 33

GET
H2 200 braintree Show response
pay.classy.org/token/ 3 KB
3 KB 518ms
498ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=3234&currency=USD

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

701d95c0f086c943ca70a454e4ccc8bf57e775b28e5cbb2a422f9e7f6db5f4a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: fb5dc0dc-8978-4453-910a-3d961fdabb45
cf-ray: 7893d1508b092c2b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
586 B 421ms
402ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=3234&currency=USD

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: bf4b71c6-f397-48d9-8fdb-b6047b176d31
cf-ray: 7893d1508b0a2c2b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 designations Show response
givenow.lls.org/frs-api/campaign/342076/ 1 KB
718 B 932ms
932ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/campaign/342076/designations?per_page=100

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4c44e38eae7e0c63c236781343dce1044c304c5866514482bb394c6086e48cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
tracestate: 423787@nr=0-1-423787-363751183-f6a3b317dc333231----1673672527462
traceparent: 00-37fe327ac3a3fcad1a0730ef124e9ff0-f6a3b317dc333231-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmNmEzYjMxN2RjMzMzMjMxIiwidHIiOiIzN2ZlMzI3YWMzYTNmY2FkMWEwNzMwZWYxMjRlOWZmMCIsInRpIjoxNjczNjcyNTI3NDYyfX0=
Accept: application/json, text/plain, */*
csrf-token: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"42c-U9/MOkbQU5gMR1dPYUUHWJVkndU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7893d150a81e9ba0-FRA

GET
H2 200 designations Show response
givenow.lls.org/frs-api/campaigns/342076/ 1 KB
585 B 456ms
456ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/campaigns/342076/designations?filter=id%3D39235

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85d2f30d7a7b952bf1d098ed3089ce0042df10082532f951d48a2fa9b3cd37b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
tracestate: 423787@nr=0-1-423787-363751183-b7c04ac33dfd6ddd----1673672527463
traceparent: 00-9a310b874842f37cfd114db120fd5980-b7c04ac33dfd6ddd-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiN2MwNGFjMzNkZmQ2ZGRkIiwidHIiOiI5YTMxMGI4NzQ4NDJmMzdjZmQxMTRkYjEyMGZkNTk4MCIsInRpIjoxNjczNjcyNTI3NDYzfX0=
Accept: application/json, text/plain, */*
csrf-token: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"425-036EpQKrFg6xx/79merneuhS1UA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7893d150a81f9ba0-FRA

GET
H2 200 currency-conversions Show response
givenow.lls.org/frs-api/i18n/ 75 B
210 B 404ms
404ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6420ff678e25bb708b6348921676353af5bbc127655cf0325658fc9d63394fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
tracestate: 423787@nr=0-1-423787-363751183-5a132915a79b6adb----1673672527527
traceparent: 00-7c153ed9f931bbae677fdf52ebd7fbe0-5a132915a79b6adb-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1YTEzMjkxNWE3OWI2YWRiIiwidHIiOiI3YzE1M2VkOWY5MzFiYmFlNjc3ZmRmNTJlYmQ3ZmJlMCIsInRpIjoxNjczNjcyNTI3NTI3fX0=
Accept: application/json, text/plain, */*
csrf-token: 2DMKdAKZ-LUfpyC1OvUMghmItHCrzLqVJeWI
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-dsxNo/vRS1qTK40MPw+edZNWcGo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7893d15108989ba0-FRA

GET
H2 200 braintree Show response
pay.classy.org/token/ 3 KB
3 KB 580ms
580ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=3234&currency=EUR

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464f3c4ddac1b11090fda59d900c5ac486712107c60ca36ca9045da4e5ca1285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=WpdVENEIpYKrYq7Zylvad4sDPdXcHV9KM__8jwwwh9Q-1673672528-0-AaaR07alH_hM20lUVCWiUF07EXcooUXdNV1YZhbo7zymJ2leBwLWilSbNxaX-wm86OMAsxUkMIJVqhDSZ6RfFdU"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 28742281-322f-4891-bc94-9c767c4e83f9
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=WpdVENEIpYKrYq7Zylvad4sDPdXcHV9KM__8jwwwh9Q-1673672528-0-AaaR07alH_hM20lUVCWiUF07EXcooUXdNV1YZhbo7zymJ2leBwLWilSbNxaX-wm86OMAsxUkMIJVqhDSZ6RfFdU; report-to cf-csp-endpoint
cf-ray: 7893d1510b672c2b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 user-icon.png
givenow.lls.org/static/global/images/ 2 KB
2 KB 34ms
31ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 118540
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Tue, 10 Jan 2023 18:12:28 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "63bdaa8c-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7893d151189c9ba0-FRA
expires: Fri, 12 Jan 2024 20:06:27 GMT

GET
H2 200 1f305074-be54-11eb-a799-0a610299dcaf.jpg
assets.classy.org/4195518/ 9 KB
9 KB 43ms
39ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/4195518/1f305074-be54-11eb-a799-0a610299dcaf.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67f8dd03c2192a5aba71380609f29b1fa5f923eea061b24760839a1fb888e54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: W6Nyba5P38GUPZGZafiQ4JSnYY_WGNW_
age: 111344
x-amz-cf-pop: FRA50-C1
cf-polished: qual=85, origFmt=jpeg, origSize=57544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="1f305074-be54-11eb-a799-0a610299dcaf.webp"
content-length: 9186
last-modified: Wed, 26 May 2021 18:56:49 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a7de55223120c69c682ce03b55830442"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7893d1511aea8fee-FRA
x-amz-cf-id: mwVhWeJhNVE6kOcOq6mrMk3kqYWKf5QWIX69DtJNcCpxz7PRiaEPfA==

GET
H2

200

/
givenow.lls.org/give/342076/
Redirect Chain

https://givenow.lls.org/
https://givenow.lls.org/give/342076/

28 KB
28 KB

1000ms
999ms

Image
text/html

2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/give/342076/

Protocol

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self';
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7893d1530a649ba0-FRA
x-xss-protection: 1; mode=block

Redirect headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: https://givenow.lls.org/give/342076/#!/donation/checkout
cache-control: max-age=300
cf-ray: 7893d151189e9ba0-FRA
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK footer-logo-charity-navigator.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 7 KB
7 KB 402ms
134ms Image
image/png 52.217.169.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/footer-logo-charity-navigator.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 439aa6b5ecb2230ff8c9dd2d23a72ac144241362ad13d6371ecab2b3148da2fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 05:02:08 GMT
x-amz-version-id: omnJoSDO52TWSAvgBdn2GfvX3cg9OXL4
Last-Modified: Tue, 09 Nov 2021 18:16:56 GMT
Server: AmazonS3
x-amz-request-id: 19NEF6DT2J5NY92R
ETag: "c2fb98aa5eb275ea5257858c8c77afd1"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 7020
x-amz-id-2: z8E5epPQgmcTuxCv0wvDQvxKApRHTakUpyWaj7FGG8wK1TVHHLQ0JTXdh4SmkO4BbjP9FnmmL58=

GET
H2 200 6939026
widgets.guidestar.org/TransparencySeal/ 11 KB
4 KB 435ms
386ms Image
image/svg+xml 172.67.23.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.guidestar.org/TransparencySeal/6939026
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 60545e054ec3ed32276ff337a4775973165502a5d7420dcbe0c7c3c1e3136d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 7893d15159eb2bc9-FRA
expires: -1

GET
H/1.1 200
OK footer-logo-great-nonprofits-2021.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 12 KB
13 KB 401ms
134ms Image
image/png 52.217.169.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/footer-logo-great-nonprofits-2021.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3f2c92b210b89615b0bbee08b02f7fb4e28e1afb1fd6ca77ca7a89579ad9883c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 05:02:08 GMT
x-amz-version-id: P9kDPkP82g6Jb0vD6y.syn4E0q9j7gv8
Last-Modified: Tue, 09 Nov 2021 18:16:57 GMT
Server: AmazonS3
x-amz-request-id: 19N60HBYAM0XM6Z2
ETag: "50be17cef1293e9e3c3d4d6f92242ad3"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 12565
x-amz-id-2: XZh2OocrUDo7fu/yDeWhOOtfvSJXxeeWe1U10ToSQqYZBPewNbl50PvoAj68h2BtHjEfxfWUGRw=

GET
H/1.1 200
OK footer-logo-charity-watch.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 5 KB
6 KB 409ms
136ms Image
image/png 52.217.169.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/footer-logo-charity-watch.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cab31fc0a6902621b57ffe6afec60a97aa570de05fafda357daaeece9c29485d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 05:02:08 GMT
x-amz-version-id: 5dakYRN9oPGlaOVE0La3nx.ulcRZTuQJ
Last-Modified: Tue, 09 Nov 2021 18:16:58 GMT
Server: AmazonS3
x-amz-request-id: 19N0D7TW8ZZ1WQSS
ETag: "728de1350ee9e91045ae257f6ae1c18e"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 5191
x-amz-id-2: 1PHsCOeA6PivqAbZiKjEkqHep3NvA7ZOqgQMRT4LumMx8I0RVyuPGeamIgUEP4hmxl7ApEHviZ8=

GET
H2 200 logo-paypal.svg
givenow.lls.org/static/global/images/payments/ 4 KB
3 KB 41ms
38ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/payments/logo-paypal.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:12:28 GMT
server: cloudflare
age: 73812
etag: W/"63bdaa8c-1042"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7893d151189f9ba0-FRA
expires: Sat, 13 Jan 2024 08:31:54 GMT

GET
H2 200 crypto-giving-coin-bitcoin.svg
prod-frs.content.classy.org/prod/17685/static/global/images/crypto-giving/ 1 KB
920 B 27ms
25ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17685/static/global/images/crypto-giving/crypto-giving-coin-bitcoin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:16:22 GMT
server: cloudflare
x-amz-request-id: 92FTES9496RD8Y6E
age: 16208
etag: W/"2861fb7a07b041686ba6360cf7908e28"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7893d1511ae48fee-FRA
x-amz-id-2: AqwTYB2otXCZ932siDYyBqP4fOJAWxsXYHIew8RFre71eug1/tePFfQr/vmpU7kSDBcTYGlIfIw=

GET
H2 200 crypto-giving-coin-ethereum.svg
prod-frs.content.classy.org/prod/17685/static/global/images/crypto-giving/ 545 B
405 B 21ms
19ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17685/static/global/images/crypto-giving/crypto-giving-coin-ethereum.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:16:22 GMT
server: cloudflare
x-amz-request-id: 92FJR5R9KR9FY1HQ
age: 16208
etag: W/"c8896ba26efa2a5d9aa1659b4aef1f00"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7893d1511ae58fee-FRA
x-amz-id-2: cEU1X2e+aFDHYuL1L2TmjOxPcBl4f2nDc/V+4TA7QPcaweF8R9M+0yyDbg1dsllzOA1DcCsq5b8=

GET
H2 200 crypto-giving-coin-usdc.svg
prod-frs.content.classy.org/prod/17685/static/global/images/crypto-giving/ 2 KB
1 KB 22ms
20ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17685/static/global/images/crypto-giving/crypto-giving-coin-usdc.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:16:22 GMT
server: cloudflare
x-amz-request-id: 92FN5NDX1Y54YR2F
age: 16208
etag: W/"120e9a5c0d8ae8e313213cbb2284cafe"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7893d1511ae68fee-FRA
x-amz-id-2: FwNm9+y+5Y+CbkyazocalbPTd87p7rMDu0v07sMaGBsS1dfs3buNLc1BJaeT0xMbVs6RC/MG8LE=

GET
H2 200 crypto-giving-arrows.svg
prod-frs.content.classy.org/prod/17685/static/global/images/crypto-giving/ 453 B
461 B 20ms
18ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17685/static/global/images/crypto-giving/crypto-giving-arrows.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:16:22 GMT
server: cloudflare
x-amz-request-id: 92FWTARED2PCZNMW
age: 16208
etag: W/"332ba480e7dc5a9687ededc7c4333e80"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7893d1511ae78fee-FRA
x-amz-id-2: 49XNsg1gZByloqnz3AUrBZ5YrdRgoN6ljlJSvU2ZyW10mDYtNDCRckdj19QwbgU45W5lkWSpGVI=

GET
H2 200 3c8bdeb6-c31a-11eb-b186-0a58a9feac02.jpg
assets.classy.org/13648750/ 13 KB
13 KB 51ms
49ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/13648750/3c8bdeb6-c31a-11eb-b186-0a58a9feac02.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a79c31734f20d5eacae6b26c81f5872b8399c074e14ba0354d5345267feb9a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9a9d8d845aab6bf47074a2716ba4f5a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-version-id: wSo0zz6gPutE85gshGqVqQ7bSquj5NNx
x-amz-cf-pop: MRS52-C1
cf-polished: qual=85, origFmt=jpeg, origSize=84713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="3c8bdeb6-c31a-11eb-b186-0a58a9feac02.webp"
content-length: 13364
last-modified: Tue, 01 Jun 2021 20:45:02 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "c340dc2d7c1f922def64fe81bc3d0837"
vary: Accept, Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 7893d1511ae88fee-FRA
x-amz-cf-id: KTdfdWXjQUfdArHTCIX6tUQhZSJUDuaEL2Nd8KRqnkz5XitE-uKirw==

GET
H2 200 4d094b2a-c31a-11eb-ae80-0ae0bdc5dec7.jpg
assets.classy.org/13648750/ 13 KB
14 KB 40ms
39ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/13648750/4d094b2a-c31a-11eb-ae80-0ae0bdc5dec7.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d4609a39b06d7bac192ff546a8302280ad2a94d92cfa5c3e740d1eabb83305f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-version-id: 8iO_YRAy3gNtS4L0jHZil7Zl4XG9Si35
x-amz-cf-pop: DUS51-C1
cf-polished: qual=85, origFmt=jpeg, origSize=86180
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="4d094b2a-c31a-11eb-ae80-0ae0bdc5dec7.webp"
content-length: 13724
last-modified: Tue, 01 Jun 2021 20:45:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "0b6c1b69c1ac841c85b4f728c23423be"
vary: Accept, Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 7893d1511ae98fee-FRA
x-amz-cf-id: rIagZL8B3mP8qEepVeVaihtQPdCTkUjQhjSkmXBOtHIUGpLrqAbkeg==

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/17685/static/global/images/ 394 B
731 B 24ms
23ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/17685/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17685/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/17685/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: B7BNFM1W3FPQBXTB
age: 39403
cf-polished: origFmt=png, origSize=547
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: mtM5egFJYYzn6VVCHqgypjoR2uYER3ue7A7mUCYerxvpsQaMHv2Tv4qL2DqaOMk3pIvB4UcXb0Q=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 10 Jan 2023 18:16:22 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7893d1511aeb8fee-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/17685/static/fonts/ 65 KB
66 KB 40ms
23ms Font
binary/octet-stream 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17685/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17685/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/17685/static/frs/main.css
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: 3BWZQJF4M587KKRH
age: 83740
content-length: 66624
x-amz-id-2: xY0pNCgn8MJSRGFbJss9MlOibfd8IzK+UIAv8QA9ob0GM+LeMgXBI+ihDhcVeD4//xG7oo1zBqk=
last-modified: Tue, 10 Jan 2023 18:16:22 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7893d1513ca09b37-FRA

POST
H2 204 rum Show response
givenow.lls.org/cdn-cgi/ 0
165 B 12ms
12ms XHR
text/plain 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/cdn-cgi/rum?

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-94323e69d035b24d----1673672527588
traceparent: 00-a0ad46cd5b743dd84f6a533edf98bd50-94323e69d035b24d-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5NDMyM2U2OWQwMzViMjRkIiwidHIiOiJhMGFkNDZjZDViNzQzZGQ4NGY2YTUzM2VkZjk4YmQ1MCIsInRpIjoxNjczNjcyNTI3NTg4fX0=
content-type: application/json
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://givenow.lls.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7893d15168f19ba0-FRA

GET
H2 200 add_user_properties_v3
heapanalytics.com/api/ 37 B
258 B 104ms
103ms Image
image/gif 54.156.17.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/add_user_properties_v3?a=1566116007&u=3917292990020231&v=7342341141338403&s=2557215303044341&b=web&tv=4.0&_CLSY-56%20%5BLLS%5D%5BAll%20Devices%5D%20Progress%20Bar=v1%3A%20Numbered%20Progress%20Bar&st=1673672527619

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.17.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 csp-report
q.stripe.com/ Frame 3D6A 0
599 B 535ms
168ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3D6A 0
600 B 535ms
167ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3D6A 631 B
1 KB 24ms
24ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sat, 14 Jan 2023 04:02:47 GMT
x-content-type-options: nosniff
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 3571
x-cache: Hit from cloudfront
content-length: 631
last-modified: Wed, 11 Jan 2023 17:29:23 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: DdUAQ0ONy-T12H6erfhQzE8hGyG5cfVenDLDr_Kd0Ju6PBT7ArQ12w==

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 63ms
23ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

923b98f388a1ed517388a42b1e51c727eb88f8aabd41146f10bbfdd150925d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Jan 2023 05:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 05:02:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Jan 2023 05:02:07 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 21ms
21ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=831916669&t=event&_s=1&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=KGDACEABBAAAACAAI~&jid=561950199&gjid=893242533&cid=1231150126.1673672527&tid=UA-3837893-1&_gid=1180984556.1673672527&_r=1&_slc=1&z=1609099830

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 21ms
21ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=831916669&t=event&_s=1&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=KGDACEABBAAAACAAI~&jid=415708795&gjid=1004765400&cid=1231150126.1673672527&tid=UA-225158-16&_gid=1180984556.1673672527&_r=1&_slc=1&z=1739560315

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
398 B 377ms
376ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=3234&currency=EUR

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357e07efbbd95f94fc82e7cccdb7ae8abcb3f8902a1b57e33437d90005928ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 7297b966-9fc8-4972-a20f-9a8cade5012c
cf-ray: 7893d151dc102c2b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 15ms
14ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=831916669&t=timing&_s=2&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1673672527213&utt=339&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=1231150126.1673672527&tid=UA-3837893-1&_gid=1180984556.1673672527&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=171020437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:07:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 16ms
15ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=831916669&t=timing&_s=3&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1673672527213&utt=1441&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=1231150126.1673672527&tid=UA-3837893-1&_gid=1180984556.1673672527&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=1214278941

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:07:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 17ms
15ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=831916669&t=timing&_s=4&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1673672527213&utt=1640&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=1231150126.1673672527&tid=UA-3837893-1&_gid=1180984556.1673672527&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=877206621

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:07:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 17ms
16ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=831916669&t=timing&_s=5&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1673672527213&utt=1869&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=1231150126.1673672527&tid=UA-3837893-1&_gid=1180984556.1673672527&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=1729336722

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:07:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 17ms
16ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=831916669&t=timing&_s=6&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1673672527213&utt=2918&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=1231150126.1673672527&tid=UA-3837893-1&_gid=1180984556.1673672527&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=1572178747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:07:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 998 B
1020 B 83ms
24ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=initRecaptcha&render=explicit

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8f98a41809e1b91b48f65a8cae9ce34e489ac74ffa439a8cca31f404bea41d3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 607
x-xss-protection: 1; mode=block
expires: Sat, 14 Jan 2023 05:02:07 GMT

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
375 B 394ms
394ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=3234&currency=USD

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357e07efbbd95f94fc82e7cccdb7ae8abcb3f8902a1b57e33437d90005928ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 927a3094-9693-4ba1-8ac8-88b1e3a594f3
cf-ray: 7893d1522c642c2b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 braintree Show response
pay.classy.org/token/ 3 KB
3 KB 573ms
573ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=3234&currency=EUR

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

212815d4af885f2eb312ef484f79557c0034d7352c20b16072d35e9c88d3a807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: bd615a37-37b7-4d8f-be90-a0e8dd4fe4b2
cf-ray: 7893d1525c8c2c2b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 donation-sidebar-image.jpg
www.lls.org/sites/default/files/National/USA/Image/Donation_Page_Sidebar/ 87 KB
87 KB 629ms
206ms Image
image/jpeg 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/sites/default/files/National/USA/Image/Donation_Page_Sidebar/donation-sidebar-image.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

6671adb2ec19e4e9f6469f48b31c0bb64d7bfd90bae527cfa9dbe16e21f634dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Tue, 24 Jan 2023 20:34:45 GMT
date: Sat, 14 Jan 2023 05:02:08 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Sun, 01 Jan 2023 17:52:50 GMT
server: nginx
age: 289642
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 88828
x-request-id: v-38044d02-9126-11ed-a731-cbd390dc1190
x-cache-hits: 15899

GET
H/1.1 200
OK Leukemia_Lymphoma_Society_Logo.jpeg
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 148 KB
148 KB 238ms
111ms Image
image/jpeg 52.217.169.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/Leukemia_Lymphoma_Society_Logo.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1cf4c3f7783acd7b95935ce797c3a7f8d9c134c81274d67dfd418e017ee90a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 05:02:08 GMT
x-amz-version-id: vgBsg7J0tLX1oMtqWQHfXALALkH7LHur
Last-Modified: Thu, 06 May 2021 19:13:59 GMT
Server: AmazonS3
x-amz-request-id: 19NDCA259CR6PJA6
ETag: "7399e1ad909ddecce04213c4985ac8b9"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 151568
x-amz-id-2: 0TEgF3/O42qP/VvXih12z3+DfsNQHXq3Opesxa2ish3cOBw6wJcWQPHJPpq0r+vb5cLNA1+sFwM=

GET
H/1.1 200
OK DigiCert_logo.svg.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 40 KB
40 KB 242ms
115ms Image
image/png 52.217.169.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/DigiCert_logo.svg.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a631a08caf61b3391f7436707f8f2808aef4caf1faf5af8785c653c56366ae96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 05:02:08 GMT
x-amz-version-id: 8yNFup.jCiiYf7q88ZxVZ0rbHTZHdMOF
Last-Modified: Fri, 28 May 2021 15:49:53 GMT
Server: AmazonS3
x-amz-request-id: 19NAFAKKVMPG7G0C
ETag: "600b5d901481a9ef521df589dfdb8d39"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 40500
x-amz-id-2: YS5pIW39+ygPPXD4l4jluCtwpUzyrEDrrGpKLC9+rCpePhHRegJifTO/UhBHNTYdowPCdo9L3UE=

GET
H2 200 lock.jpg
donate.lls.org/content360/lls/default/images/ 1 KB
2 KB 530ms
108ms Image
image/jpeg 3.226.19.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.lls.org/content360/lls/default/images/lock.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.226.19.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-19-190.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e6f8560c2bcfd37f2cb0aecc566f6e17a8d05f9035fa3c109435cb0b3ba4577d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires: Sat, 14 Jan 2023 05:22:08 GMT
date: Sat, 14 Jan 2023 05:02:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 12:44:56 GMT
server: Apache
etag: "4f4-5e8019048e708"
content-type: image/jpeg
cache-control: max-age=1200
accept-ranges: bytes
content-length: 1268
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H/1.1 200
OK credit-card.png
classy-prod-assets.s3.amazonaws.com/_marketing/o33874/ 4 KB
5 KB 251ms
116ms Image
image/png 52.217.169.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://classy-prod-assets.s3.amazonaws.com/_marketing/o33874/credit-card.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 653b1e7dda2ae31cadec0faef23859b36811acc21913d7eaf3f9a9da592bfb3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 05:02:08 GMT
x-amz-version-id: .pgyDGLd4uE3leTaVI6.JLkMsUQEfeW5
Last-Modified: Wed, 05 May 2021 19:54:18 GMT
Server: AmazonS3
x-amz-request-id: 19N58RTZCPX2H6T7
ETag: "23302ee1bf5938d693c8395b2fec9c30"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: FAILED
Accept-Ranges: bytes
Content-Length: 4447
x-amz-id-2: ptoHdfeG/vxz3r2+Na1W6BQMzC7yTJGgTIFq5QFJc4Aafg2z1v+Fl02li958bRBPP50ylmHyaLk=

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
258 B 105ms
105ms Image
image/gif 54.156.17.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1673672527825&hv=4.19.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.17.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 106ms
105ms Image
image/gif 54.156.17.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3917292990020231&v=7342341141338403&s=2557215303044341&b=web&tv=4.0&sp=z&sp=0&sp=us&sp=sfmc&sp=um&sp=email&sp=ua&sp=FDA%20Approval_2023013_National&sp=ts&sp=1673672527062&sp=d&sp=givenow.lls.org&sp=h&sp=%2Fgive%2F342076%2F&sp=t&sp=The%20Leukemia%20%26%20Lymphoma%20Society&sp=q&sp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=givenow.lls.org&pp=q&pp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&pp=h&pp=%2Fgive%2F342076%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=The%20Leukemia%20%26%20Lymphoma%20Society&pp=ts&pp=1673672527062&id0=8044931500027163&t0=click&n0=button&c0=payment-method-select-btn__cc&y0=%40section%3B.block-component%3B.ng-scope%3B%5Bdata-ng-repeat%3Dcomponent%20in%20list.components%20%20filter%3A%7Bsection%3A%27main%27%7D%20%20orderBy%3A%27order%27%5D%3B%7C%40div%3B.ng-scope%3B%5Bdata-ng-include%3Dcomponent.templateUrl%5D%3B%7C%40div%3B%23df_checkout_donation-payment%3B.donation-payment%3B.ng-scope%3B%5Baria-label%3DPayment%20Details%5D%3B%5Bdata-ng-controller%3DfrsDonationPaymentCtrl%5D%3B%7C%40div%3B%7C%40cp-payment-widget%3B%23classy-payment-widget%3B.ng-isolate-scope%3B%5Bapi%3DAPI%5D%3B%5Bcurrency%3DMODEL.payment.raw_currency_code%5D%3B%5Bfee-processing%3DglobalState.feeProcessing%5D%3B%5Bhide-postal%3Dtrue%5D%3B%5Bmeta%3DMETA%5D%3B%5Bparent-model%3DMODEL%5D%3B%5Bpayment%3DMODEL.payment%5D%3B%5Bsubmit-digital-wallets%3DsubmitDigitalWallets%5D%3B%7C%40div%3B.donation-payment-method-select%3B.row%3B%5Bng-hide%3D%24ctrl.hideButtons%5D%3B%7C%40div%3B.column-md-5%3B%7C%40button%3B.payment-method-select-btn__cc%3B%5Baria-controls%3Ddonation-page_checkout_payment-form%20donation-page_checkout_payment-details%5D%3B%5Baria-expanded%3Dtrue%5D%3B%5Bdata-tracked-element%3Ddonation-page_checkout_credit-card-btn%5D%3B%5Bng-click%3D%24ctrl.showCardInputs()%5D%3B%5Btype%3Dbutton%5D%3B%7C&ts0=1673672527745&x0=CREDIT%20CARD&id1=437471078272951&t1=click&n1=div&c1=donation-amount-recurring__btn%20once%20hover-state_one-time%20selected&y1=%40div%3B.donation-amount-recurring%3B%7C%40div%3B.donation-amount-recurring__switch%3B.ng-scope%3B.rf%3B%5Baria-label%3DSelect%20a%20donation%20frequency%5D%3B%5Bdata-ng-if%3D!%24ctrl.preventOldrfForDeque%20%26%26%20!%24ctrl.onlyReccurringFrequency(%24ctrl.frequencyLevels)%20%26%26%20%24ctrl.recurringLevels(%24ctrl.frequencyLevels).length%20%3E%200%5D%3B%5Bdata-ng-init%3D%24ctrl.showFreqDropdown()%5D%3B%5Brole%3Dradiogroup%5D%3B%7C%40div%3B.donation-amount-recurring__btn%3B.hover-state_one-time%3B.once%3B.selected%3B%5B_spec%3Done-time%5D%3B%5Bdata-ng-class%3D%7B%27selected%27%3A%20%24ctrl.frequency%20%3D%3D%3D%20%27one-time%27%7D%5D%3B%5Bdata-ng-click%3D%24ctrl.selectFrequency(%27one-time%27)%20%24ctrl.showFreqDropdown(%27one-time%27)%20%24ctrl.isRecurringFrequency(%24event)%5D%3B%5Bdata-ng-keypress%3D%24ctrl.selectFrequency(%27one-time%27%2C%24event)%20%24ctrl.isRecurringFrequency(%24event)%5D%3B%5Bdata-ng-mouseout%3D%24ctrl.hoverFrequencyStyle(%27one-time%27%2Cfalse)%5D%3B%5Bdata-ng-mouseover%3D%24ctrl.hoverFrequencyStyle(%27one-time%27%2Ctrue)%5D%3B%5Bdata-ng-style%3D%24ctrl.oneTimeBtnStyle(%27one-time%27)%5D%3B%5Btabindex%3D0%5D%3B%7C&ts1=1673672527789&x1=One%20time&id2=5873860216910362&t2=click&n2=button&c2=active-button&i2=recur-no&y2=%40section%3B.block-component%3B.ng-scope%3B%5Bdata-ng-repeat%3Dcomponent%20in%20list.components%20%20filter%3A%7Bsection%3A%27main%27%7D%20%20orderBy%3A%27order%27%5D%3B%7C%40div%3B.ng-scope%3B%5Bdata-ng-include%3Dcomponent.templateUrl%5D%3B%7C%40section%3B.donation-amount%3B.ng-scope%3B%5Bdata-ng-controller%3DfrsDonationAmountCtrl%5D%3B%7C%40donation-amount-recurring-rf%3B.ng-isolate-scope%3B.ng-scope%3B%5Bamount%3DMODEL.items0.raw_final_price%5D%3B%5Bcurrency%3DMODEL.payment.raw_currency_code%5D%3B%5Bdonation-context%3DCONTEXT%5D%3B%5Bfrequency-levels%3DDonationBlock.current%27recurring-level%27%5D%3B%5Bfrequency%3DMODEL.frequency%5D%3B%5Blevels%3Dstate.levels%5D%3B%5Bnew-amount%3DMODEL.items0.raw_final_price%5D%3B%5Bng-if%3D!preventRecurringFrequency%5D%3B%5Bpreview%3DglobalState.isPreview%5D%3B%5Bprevious-frequency-price%3DMODEL.items0.previous_frequency_price%5D%3B%5Brecur_until%3DMODEL.recur_until%5D%3B%5Brecurring-donation-levels%3Dstate.recurringDonationLevels%5D%3B%5Bsetting-page-frequency%3DMODEL.frequency%5D%3B%7C%40div%3B%23custom-recurring%3B%7C%40div%3B.recurring-buttons%3B%7C%40button%3B%23recur-no%3B.active-button%3B%5Btype%3Dbutton%5D%3B%5Bvalue%3DButton%5D%3B%7C&ts2=1673672527797&x2=No&st=1673672527826

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.17.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 logo-paypal.svg
givenow.lls.org/static/global/images/payments/ 4 KB
3 KB 33ms
33ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/payments/logo-paypal.svg

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17685/static/global/libs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:12:28 GMT
server: cloudflare
age: 73812
etag: W/"63bdaa8c-1042"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7893d152ea419ba0-FRA
expires: Sat, 13 Jan 2024 08:31:54 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 51ms
15ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 22:12:50 GMT
x-content-type-options: nosniff
age: 370157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 22:12:50 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 63ms
28ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 22:12:50 GMT
x-content-type-options: nosniff
age: 370157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 22:12:50 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 71ms
36ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 22:12:50 GMT
x-content-type-options: nosniff
age: 370157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 22:12:50 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 75ms
52ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 11:53:12 GMT
x-content-type-options: nosniff
age: 234535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 11:53:12 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 65ms
43ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 22:12:50 GMT
x-content-type-options: nosniff
age: 370157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 22:12:50 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 68ms
47ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 22:12:50 GMT
x-content-type-options: nosniff
age: 370157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 22:12:50 GMT

GET
H2 200 590.25fcbbf1-1221.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 9ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/590.25fcbbf1-1221.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 395056ecee5622e00a230e5e93a4b2808326bae0857b081730db2831790dc92d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: ojurhdR3hlmw0KgBN226TqH.sYUeq1Tt
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Jan 2023 05:02:07 GMT
x-amz-request-id: DP511T6TGB5P4BCP
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3878
x-amz-id-2: uEW+9EKfW7xJqEiPuKxCx6PhXB4cIq+teBTago99J88jiDOoXeVPdjly1iWPSwkwL4pawYLuMMA=
x-served-by: cache-hhn-etou8220033-HHN
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
server: AmazonS3
x-timer: S1673672528.887402,VS0,VE0
etag: "92e1944f8d0a41050f325890fd46d907"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3305

GET
H2 200 620.25fcbbf1-1221.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 8ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/620.25fcbbf1-1221.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4cd9934995b7dd6ad101d98b6ec4bfb1a436de9b2a80ad083bd8f1b5b5d7aa2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: 6lV0qmNXhg30w3uSxv0KTWVW7Bqq19jz
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Jan 2023 05:02:07 GMT
x-amz-request-id: DP53Z83NXYDYB27B
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1442
x-amz-id-2: cT1nVFPJ1gxYXL/d2HVlF1cb+LQNdASfpgIX8NfIkFPcMKxszkq4h2xd5qIaCTSQ/dm2Ww661kA=
x-served-by: cache-hhn-etou8220033-HHN
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
server: AmazonS3
x-timer: S1673672528.887936,VS0,VE0
etag: "7169c597dc2cc2eda7ee9c54a7cceaf6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3295

GET
H2 200 457.25fcbbf1-1221.js Show response
js-agent.newrelic.com/ 5 KB
3 KB 9ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/457.25fcbbf1-1221.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6feced6c3b359298538c33cda2dcf7437e3c58143ab7876922bd3938e1ab141

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: PI7ELWWdeBYiCYBkGMRwXTH0E8ONfEZC
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Jan 2023 05:02:07 GMT
x-amz-request-id: DP51GDVX56W3M8S3
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2241
x-amz-id-2: /ySYlDTNDyn9WDU+4bySMM4q1KDiDJu1vBJ8KTZzdmJDrBlbNkVUlnynCbB1DsfuGdhHLJtnyVg=
x-served-by: cache-hhn-etou8220033-HHN
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
server: AmazonS3
x-timer: S1673672528.888034,VS0,VE0
etag: "74cb970ad1cca9b43a1326b3618adc9f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3312

GET
H2 200 41.25fcbbf1-1221.js Show response
js-agent.newrelic.com/ 1 KB
837 B 8ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/41.25fcbbf1-1221.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b1e3458d0bba420ac1db74ed15fb1c759985257bfdc159b0db0389b7979143f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: kjJhv0udNxPYmQsH0WhUQa7Lt5whW0LX
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Jan 2023 05:02:07 GMT
x-amz-request-id: DP53FPGRDZZQFPAX
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 631
x-amz-id-2: q9wkiEBpGV4Dk3r+Nhb6CRlEE5PW6qFBfTnGHcynv9HUZHJfBCxQzlQtcqHd9+VABEi8n5N8C88=
x-served-by: cache-hhn-etou8220033-HHN
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
server: AmazonS3
x-timer: S1673672528.888037,VS0,VE0
etag: "c1aa4a379e67391a744dd540f1cce912"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3286

GET
H2 200 244.25fcbbf1-1221.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 9ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/244.25fcbbf1-1221.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cfc249f9d4658f095eef03e7b7104ae8257fdcb67b3b674662643fb7887f75d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: e2__U5byTFNhVa9OnsLbCmLc69kX_p7Y
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Jan 2023 05:02:07 GMT
x-amz-request-id: DP5928XDQAACC8KW
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2760
x-amz-id-2: G2PqdTvJzoV4m47bYSAd3vdKS2vrs1jFDVdJqLp/AcsXi4RmKpOVrMVn6JKhRXRsApVuawfP5KE=
x-served-by: cache-hhn-etou8220033-HHN
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
server: AmazonS3
x-timer: S1673672528.888227,VS0,VE0
etag: "10761414c69129d7b0eca13654453978"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2447

GET
H2 200 736.25fcbbf1-1221.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 9ms
9ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/736.25fcbbf1-1221.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b62125421990eba94789d81949835d716f1459b9033e3e54758c97838c84132f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: Jd0S.YVh9CaXfPOCqdoECl_Mx9lbK5bG
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Jan 2023 05:02:07 GMT
x-amz-request-id: DP5B26F02ZF929KJ
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2337
x-amz-id-2: 9Ac+yErGgoGGxhurqEwLLWAf3UQsRP8WFXIQAEF0ScdMSF9e5MUL5vcs0B0PIU0mZnm32VX52cM=
x-served-by: cache-hhn-etou8220033-HHN
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
server: AmazonS3
x-timer: S1673672528.888419,VS0,VE0
etag: "f89e0773b439273abd9cce629a69a68e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2448

GET
H2 200 142.25fcbbf1-1221.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 9ms
9ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/142.25fcbbf1-1221.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de97d6abbdde1de78981435c65ca4adf188fc4978e5845a12e8b4661433fa147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: VffeRtNBrgVvjp64eZabDMMkJE1Mt0o3
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Jan 2023 05:02:07 GMT
x-amz-request-id: DP55EFPEVZSJ5E85
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1086
x-amz-id-2: G58sEkpvHRBa+FPbJBNy3tJHdce7JRm6M0i9+ut3F9sCZTKEDeurUbBAO/GITadQCNQv7q5ev1A=
x-served-by: cache-hhn-etou8220033-HHN
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
server: AmazonS3
x-timer: S1673672528.888781,VS0,VE0
etag: "39c27fcfa6bb15809b306b5c915522b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2438

GET
H2 200 466.25fcbbf1-1221.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 9ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/466.25fcbbf1-1221.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 419329bca02814380e8d49eb750b1d369bef1c7e56b2607510a98840184694dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: qv9p0IVfilK3D.ZTQ1hUosNHmmv.lLd6
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Jan 2023 05:02:07 GMT
x-amz-request-id: DP576ZRJM81MXRHR
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2995
x-amz-id-2: SNN3sRlrx/wEAOS/6rTM7cf6XlM+POohnpjh5Wx+dMSxklwoG+icD9o5uPu2qA+XpdC4kHbbq7g=
x-served-by: cache-hhn-etou8220033-HHN
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
server: AmazonS3
x-timer: S1673672528.889324,VS0,VE0
etag: "eff7d2245d8d47fee06efb3b1f53af37"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2439

GET
H2 200 885.25fcbbf1-1221.js Show response
js-agent.newrelic.com/ 17 KB
6 KB 8ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/885.25fcbbf1-1221.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdbf6a9c107327c297f8df985c31732642809a7a656c70f9bf51dca1fd18526d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: Js2cPjVhYFdcC2CsvlVQmVtMWUAuHzkv
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Jan 2023 05:02:07 GMT
x-amz-request-id: DP5BYXGZ2BT33Y19
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6086
x-amz-id-2: ZQzJ60xAF0r2TQ5oCUHGVJp7CbI72Aut89iGzRiGV5OzpWzCQS2LLNbO5R4wE77N0fDLG9ChZrA=
x-served-by: cache-hhn-etou8220033-HHN
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
server: AmazonS3
x-timer: S1673672528.889883,VS0,VE0
etag: "24b4856ed39246f3c0d71e48be979862"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1974

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
360 B 539ms
104ms XHR
text/plain 54.157.163.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.163.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-163-84.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 14 Jan 2023 05:02:08 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://givenow.lls.org
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: f119ce62-045c-498c-9993-50a9d727f088

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/17685/static/global/fonts/ 42 KB
43 KB 518ms
517ms Font
application/x-font-woff 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/17685/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/17685/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8a4e78ec2d46262a5c3f48a3fa6e0a7a0951328fec8e4e267ed0db586d04b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/17685/static/frs/main.css
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-amz-request-id: NZFPQ7ZVGA19J1EM
content-length: 43184
x-amz-id-2: uJD4GOAC/eCRvUdw+vbVjtoUtMn8it4/WfPqOYocpy+0h9x65qWKnD18txhEEKVhdaFGQtgAaB5yQtZgF5PBpA==
last-modified: Tue, 10 Jan 2023 18:16:22 GMT
server: cloudflare
etag: "62fec216204d32a15dbed551c4b2c6b2"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7893d1535ecd9b37-FRA

GET
H2 200 inner.html Show response
m.stripe.network/ Frame F91F 930 B
2 KB 93ms
25ms Document
text/html 2600:9000:2127:7a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:7a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 05:02:07 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 1f98172ca4214b0e937b7d3d534b34cc.cloudfront.net (CloudFront)
x-amz-cf-id: 6RrWK5C_5aUTLVABKFuT3XLz4vXpLzTs6nBaX2-40Dbd6e7rMIBAlQ==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 plugin_settings Show response
doublethedonation.com/api/v1/ 457 B
467 B 285ms
97ms XHR
application/json 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://doublethedonation.com/api/v1/plugin_settings?customer_id=OYfFVDFEbzMkus7L

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2f3e0ac70a642adcc91c553684344d2e1bf9aa50d00725d6f11c690eb8ed92c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx
x-frame-options: sameorigin
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 105ms
105ms Image
image/gif 54.156.17.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3917292990020231&v=7342341141338403&s=2557215303044341&b=web&tv=4.0&sp=z&sp=0&sp=us&sp=sfmc&sp=um&sp=email&sp=ua&sp=FDA%20Approval_2023013_National&sp=ts&sp=1673672527062&sp=d&sp=givenow.lls.org&sp=h&sp=%2Fgive%2F342076%2F&sp=t&sp=The%20Leukemia%20%26%20Lymphoma%20Society&sp=q&sp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=givenow.lls.org&pp=q&pp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&pp=h&pp=%2Fgive%2F342076%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=The%20Leukemia%20%26%20Lymphoma%20Society&pp=ts&pp=1673672527062&id0=5013766346218535&t0=click&n0=button&c0=form__radio-control%20checked&y0=%40div%3B.mp-sensitive%3B.ng-scope%3B%5Bdata-heap-ignore%3Dtrue%5D%3B%5Bdata-ng-if%3Dshow.customQuestions()%5D%3B%5Bdata-ng-include%3D%3A%3Atemplate(%27custom-questions%27)%5D%3B%7C%40div%3B.billing-mailing-same%3B.donation-table%3B.ng-scope%3B%5Bdata-ng-repeat%3Dquestion%20in%20list.customQuestions%5D%3B%7C%40div%3B.ng-scope%3B%5Bdata-ng-include%3D%3A%3Atemplate(%27questions%2F%27%20%2B%20question.type)%5D%3B%7C%40div%3B.donation-table_row%3B.ng-scope%3B%7C%40div%3B.donation-table_columns%3B%7C%40div%3B.donation-table_column%3B%7C%40radio-control%3B.ng-dirty%3B.ng-isolate-scope%3B.ng-not-empty%3B.ng-not-modified%3B.ng-touched%3B.ng-valid%3B.ng-valid-parse%3B.ng-valid-required%3B%5Baria-invalid%3Dfalse%5D%3B%5Bname%3Dcq_710217%5D%3B%5Bng-model-options%3D%7B%20getterSetter%3A%20true%20%7D%5D%3B%5Bng-model%3DMETA.answersquestion.id%5D%3B%5Bng-required%3Dquestion.is_required%5D%3B%5Bsc-form-error%3Dhighlight%20if%20cq_710217%20fails%5D%3B%5Bvalue%3D%27Yes%27%5D%3B%7C%40button%3B.checked%3B.form__radio-control%3B%5B_spec%3Dbutton%5D%3B%5Baria-checked%3Dtrue%5D%3B%5Baria-label%3D%5D%3B%5Bng-class%3D%7B%20checked%3A%20%24ctrl.isChecked()%20%7D%5D%3B%5Bng-click%3D%24ctrl.select()%5D%3B%5Bng-disabled%3D%24ctrl.disabled%5D%3B%5Bng-keydown%3D%24ctrl.onKeyDown(%24event)%5D%3B%5Brole%3Dradio%5D%3B%5Btabindex%3D0%5D%3B%5Btype%3Dbutton%5D%3B%7C&ts0=1673672527804&x0=Yes&id1=296015463393879&t1=click&n1=button&c1=active-button&i1=mailing-yes&y1=%40div%3B.ng-scope%3B%5Bfrs-donation-block%3D%5D%3B%7C%40div%3B.donation-block%3B.frs-donation-block%3B.ng-scope%3B%7C%40main%3B.donation-block_main%3B%5Bdata-ng-show%3DCryptoGiving.hidden()%20%26%26%20!CryptoGiving.exclusive()%5D%3B%7C%40form%3B.donation-block_form%3B.ng-dirty%3B.ng-invalid%3B.ng-invalid-max%3B.ng-invalid-min%3B.ng-invalid-required%3B.ng-valid-email-address%3B.ng-valid-maxlength%3B.ng-valid-minlength%3B.ng-valid-parse%3B.ng-valid-pattern%3B.ng-valid-phone-number%3B%5Bdata-ng-submit%3Dsubmit()%5D%3B%5Bdata-sc-broadcast-form-errors%3D%5D%3B%5Bname%3DFORM%5D%3B%5Bnovalidate%3Dnovalidate%5D%3B%7C%40section%3B.block-component%3B.ng-scope%3B%5Bdata-ng-repeat%3Dcomponent%20in%20list.components%20%20filter%3A%7Bsection%3A%27main%27%7D%20%20orderBy%3A%27order%27%5D%3B%7C%40div%3B.ng-scope%3B%5Bdata-ng-include%3Dcomponent.templateUrl%5D%3B%7C%40div%3B%23df_checkout_donation-payment%3B.donation-payment%3B.ng-scope%3B%5Baria-label%3DPayment%20Details%5D%3B%5Bdata-ng-controller%3DfrsDonationPaymentCtrl%5D%3B%7C%40div%3B%23custom-mailing%3B%7C%40div%3B.mailing-buttons%3B%7C%40button%3B%23mailing-yes%3B.active-button%3B%5Btype%3Dbutton%5D%3B%5Bvalue%3DButton%5D%3B%7C&ts1=1673672527805&x1=Yes&id2=8131265518756362&k2=environment&k2=prod&k2=organization_id&k2=33874&k2=campaign&k2=342076&k2=campaign_type&k2=donation&k2=duplicate_fundraisers&k2=false&k2=existing_fundraiser&k2=false&k2=label&k2=Begin%20Checkout&k2=action&k2=checkout&k2=currency&k2=USD&t2=Begin%20Checkout&ts2=1673672527825&st=1673672527920

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.17.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 status Show response
givenow.lls.org/sso/ 90 B
1 KB 145ms
144ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361017884101815141062_1673672527159&_=1673672527160

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

c13217b79a693a1da720ef792aa2da4b801977c5b4965f7adce500446134267e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-a91d4601ba6767e9----1673672527927
traceparent: 00-fde5605c44b085918f184ca35d099240-a91d4601ba6767e9-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhOTFkNDYwMWJhNjc2N2U5IiwidHIiOiJmZGU1NjA1YzQ0YjA4NTkxOGYxODRjYTM1ZDA5OTI0MCIsInRpIjoxNjczNjcyNTI3OTI3fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
X-Requested-With: XMLHttpRequest

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
p3p: CP="Classy does not have a P3P policy."
content-type: application/javascript; charset=utf-8
cache-control: no-cache, private
cf-ray: 7893d1538ad89ba0-FRA
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 65ms
21ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3837893-1&cid=1231150126.1673672527&jid=561950199&gjid=893242533&_gid=1180984556.1673672527&_u=KGDACEAABAAAACAAI~&z=1781271319

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 14 Jan 2023 05:02:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 63ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-225158-16&cid=1231150126.1673672527&jid=415708795&gjid=1004765400&_gid=1180984556.1673672527&_u=KGDACEABBAAAACAAI~&z=4590151

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 14 Jan 2023 05:02:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/970754387/ 2 KB
1 KB 107ms
64ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970754387/?random=1673672527937&cv=11&fst=1673672527937&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&auid=500378098.1673672528&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

523c4d4c0dd3f8a602003ec3f6edf9d869ed129f8e6d024f79f76540cf480c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 972
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 49ms
22ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-225158-16&cid=1231150126.1673672527&jid=385176253&gjid=1542488880&_gid=1180984556.1673672527&_u=aGDAiEABBAAAAGAAI~&z=1533152812

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 14 Jan 2023 05:02:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 04:30:51 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1876
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 14 Jan 2023 06:30:51 GMT

GET
H2

200

activityi;dc_pre=CPDNkISkxvwCFYxOwgodVo8G5A;src=8977078;type=allpg;cat=allpgst;ord=9205260222087;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_sou... Show response
8977078.fls.doubleclick.net/ Frame 688A
Redirect Chain

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgst;ord=9205260222087;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_s...
https://8977078.fls.doubleclick.net/activityi;dc_pre=CPDNkISkxvwCFYxOwgodVo8G5A;src=8977078;type=allpg;cat=allpgst;ord=9205260222087;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow....

723 B
663 B

59ms
58ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8977078.fls.doubleclick.net/activityi;dc_pre=CPDNkISkxvwCFYxOwgodVo8G5A;src=8977078;type=allpg;cat=allpgst;ord=9205260222087;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

517847bc7a3de0d0641e067457ec31496100868fd97a70c7b10add22c635a7cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 324
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 05:02:08 GMT
expires: Sat, 14 Jan 2023 05:02:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 05:02:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8977078.fls.doubleclick.net/activityi;dc_pre=CPDNkISkxvwCFYxOwgodVo8G5A;src=8977078;type=allpg;cat=allpgst;ord=9205260222087;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CKLdkoSkxvwCFVZUwgod32QPlA;src=8977078;type=allpg;cat=allpgun;ord=1;num=8638746598057;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Fu... Show response
8977078.fls.doubleclick.net/ Frame A5C2
Redirect Chain

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgun;ord=1;num=8638746598057;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3...
https://8977078.fls.doubleclick.net/activityi;dc_pre=CKLdkoSkxvwCFVZUwgod32QPlA;src=8977078;type=allpg;cat=allpgun;ord=1;num=8638746598057;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgi...

729 B
353 B

63ms
60ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8977078.fls.doubleclick.net/activityi;dc_pre=CKLdkoSkxvwCFVZUwgod32QPlA;src=8977078;type=allpg;cat=allpgun;ord=1;num=8638746598057;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

922d9d4bc54146345623cf065c43ea24832db7b9709d8e05b5af97f11d04424b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 328
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 05:02:08 GMT
expires: Sat, 14 Jan 2023 05:02:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 05:02:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8977078.fls.doubleclick.net/activityi;dc_pre=CKLdkoSkxvwCFVZUwgod32QPlA;src=8977078;type=allpg;cat=allpgun;ord=1;num=8638746598057;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/ 2 KB
2 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1673672527984&cv=11&fst=1673672527984&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&auid=500378098.1673672528&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df3309916ba2539ce094007640c9fdd63093dad6992d92e3e3a3a451f37dd090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 973
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/779965559/ 2 KB
1 KB 271ms
27ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/779965559/?random=1673672527985&cv=11&fst=1673672527985&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&bttype=purchase&auid=500378098.1673672528&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e0906f0152ea11f6d2b124b154f2c63967e3911c6eb1f4b40d16901ebd753cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1070099938/ 2 KB
2 KB 267ms
26ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1070099938/?random=1673672527987&cv=11&fst=1673672527987&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&bttype=purchase&auid=500378098.1673672528&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

50a8ed2a767db4d89a488e368cccba31a6d4311999520c2ce6335c892c89373e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1347
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 252ms
15ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Jan 2023 05:02:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5Keeauy5w27lPRnxhsS/qNCrZ2CEjBZgiymaPiXQwdIjKQOoQcwAcFmzPobPXrz8aX3cpeK0ljiQ3gPXViTbog==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 54ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 14 Jan 2023 05:02:08 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0668B61B3813435A9FB6973543A5DF07 Ref B: FRAEDGE1919 Ref C: 2023-01-14T05:02:08Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 merkle_track.js Show response
cdn.merklesearch.com/ 2 KB
1 KB 258ms
22ms Script
application/javascript 65.9.95.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.merklesearch.com/merkle_track.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-88.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b50fe60629db539a09545bae38ce3668b8f151a25ce2914cf707654c6424c06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 06:54:55 GMT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jun 2019 16:04:05 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 79793
etag: W/"ba48ece064f452562968947c4e6d063b"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: I5xQGu1pr_20PPMepEOfAC3FQYbq-mn2KPWMbIAxH19aCC-Yy4qMOg==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 233ms
9ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
content-encoding: gzip
etag: "WQX8ubvDGl3DCUDHzxu0sA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 21 Jan 2023 05:02:08 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 2F78
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3B...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3B...

1 KB
2 KB

220ms
135ms

Document
text/html

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=912539043203294500&dcc=t

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

2633f620d221ef82fec7cfba1c83c44dd1a9e2fc2573b2083e5d649f636e4348

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1160
Content-Type: text/html;charset=ISO-8859-1
Date: Sat, 14 Jan 2023 05:02:08 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 9WCM5AVCTYXEF1QT5NZE

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 14 Jan 2023 05:02:08 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=912539043203294500&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 1MDW629MKK5FTE07QZ7R

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 193ms
12ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-65-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 06:03:06 GMT
Content-Encoding: gzip
Via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
Age: 82743
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: O0Z8OX4r3NByx1oGYr0ftzIrwWLz-Y9yhF35_r4Izfqo3pJRt4AxYw==

GET
H/1.1 204
No Content cs.js Show response
aa.trkn.us/1/e/ 0
166 B 193ms
13ms Script
text/plain 23.44.75.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.trkn.us/1/e/cs.js?cid=c013&evid=6894817b-ce68-494a-a2cd-4e160ce0f1d8&suu=1&dmn=givenow.lls.org
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.75.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-75-77.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 05:02:08 GMT
Cache-Control: private, max-age=3600
Connection: keep-alive
Expires: Sat, 14 Jan 2023 06:02:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-63NN87E39V&l=dataLayer&cx=c

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5432d83a1fbbdd0e4e138f570627046deea091cc94a5eef4ddd4f931f431f30b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77449
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 05:02:08 GMT

GET
H2 404 bind
media2.legacy.com/ 0
77 B 345ms
105ms Image
text/plain 52.70.199.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media2.legacy.com/bind?ckey1=LeukemiaLymphSoc;cvalue1=1;expiresDays=60;adct=image/gif;misc=123;&gtmcb=1431483148
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.199.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-199-21.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=831916669&t=pageview&_s=1&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABBAAAACAAI~&jid=385176253&gjid=1542488880&cid=1231150126.1673672527&tid=UA-225158-16&_gid=1180984556.1673672527&gtm=2wg1a1PC52XK&z=683808221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 02:51:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7837
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 113ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=k4816zm&ct=0:t1qofst&fmt=3&gtmcb=839925515
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 17ms
13ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 11:53:12 GMT
x-content-type-options: nosniff
age: 234536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 11:53:12 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/ 183 KB
62 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 00:40:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62798
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 Jan 2024 00:40:15 GMT

GET
H/1.1 200
OK widget_iframe.3da3731af9a8a2b242ed5500485bb22f.html Show response
platform.twitter.com/widgets/ Frame 9044 320 KB
104 KB 9ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.3da3731af9a8a2b242ed5500485bb22f.html?origin=https%3A%2F%2Fgivenow.lls.org
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 11589
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Sat, 14 Jan 2023 05:02:08 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Sat, 14 Jan 2023 01:38:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67E0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 configuration Show response
api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/ 3 KB
2 KB 754ms
669ms Script
application/javascript 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NzM3NTg5MjcsImp0aSI6ImFlMDg4Y2ZlLTIzMjEtNDBmOC05Nzk0LTJkY2YwZjJhMDE4NyIsInN1YiI6ImNneHZ6MjR4ZGp4OTUyajciLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6ImNneHZ6MjR4ZGp4OTUyajciLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.0kN5rum9_IEZ3IbA1GBq19NJrUalyxWSjnlMCAEQlX54Z-G51E4pkbtfSNfrnk1LfsIZa4sELExHsA1Wzpaxkw&callback=callback_json7daf3f3ce31b41ff988cd3480cab7a39

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d8ce67b0f241caa2eb3307018875bde7a7c67b3252c9da20f134f3c37ddc029f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=63072000; includeSubDomains
paypal-debug-id: df67ea373a9a4
x-xss-protection: 1; mode=block
x-request-id: eaa7e7c0-dc5c-46b0-b469-bb24ab3d658e
x-runtime: 0.548055
referrer-policy: strict-origin-when-cross-origin
etag: W/"72de81e259d19b8b97b85d58ccfbf288"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-braintree-merchant-shard: 1
cache-control: max-age=0, private, must-revalidate
x-broxyid: eaa7e7c0-dc5c-46b0-b469-bb24ab3d658e

POST
H2 200 csp-report
q.stripe.com/ Frame F91F 0
373 B 168ms
167ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: blue
pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 controller-42403bea3e9762e19fe063cd3cfe5b3a.html Show response
js.stripe.com/v3/ Frame 6B57 325 B
1 KB 25ms
23ms Document
text/html 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-42403bea3e9762e19fe063cd3cfe5b3a.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

c993a0d78d33f03305cb60a0a801293bb440d65971c885b1041f4b6c837e3324

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 48
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 05:01:24 GMT
etag: "42403bea3e9762e19fe063cd3cfe5b3a"
last-modified: Fri, 13 Jan 2023 19:40:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-id: GxObDEJBJIkdZnO_1WnuOlRu2-Fo5JaC9C5cI4tJmsIU8ZE8-bZMTw==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-93b504e78741eeb501e684e780bd6128.html Show response
js.stripe.com/v3/ Frame B7A2 408 B
1 KB 26ms
24ms Document
text/html 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-93b504e78741eeb501e684e780bd6128.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f12e9ff37ad707b914bb2b31a3ca0de0f01779eb710b7c736364a3be7547c310

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1157
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 04:42:55 GMT
etag: "93b504e78741eeb501e684e780bd6128"
last-modified: Fri, 13 Jan 2023 19:40:58 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-id: vy4J7Vth3bef6gidHAHRelPiJL-iIftH0Ps0dw_w2VV8HKEzKur9gg==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-28770122ed88aa037514ab2c18a0a1ac.html Show response
js.stripe.com/v3/ Frame BE06 344 B
1 KB 28ms
27ms Document
text/html 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-28770122ed88aa037514ab2c18a0a1ac.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

931f22004fdf9b2d05e32f4e1d8a8e9c5579b4619e0f4b59cf13658ac5af879b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 46
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 05:01:40 GMT
etag: "28770122ed88aa037514ab2c18a0a1ac"
last-modified: Fri, 13 Jan 2023 19:40:58 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-id: 9Jriz3gZkyQgLSKoATO8Llldy5i4Fx2AXR1CC8pmBIT5rkKzqo8WGA==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/ 403 KB
161 KB 92ms
25ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__de.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99cd5a24866ea8bad0bfe2dbf8fc9e6cac0ad653cbe23e16ff49d79f6ca64fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://givenow.lls.org/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 22:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164056
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:08:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 22:27:13 GMT

GET
H3

200

activityi;dc_pre=CNTfkoSkxvwCFc9NHgIdJI4Ojw;src=8977078;type=app_star;cat=donatest;ord=1;num=5751521390507;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F... Show response
8977078.fls.doubleclick.net/ Frame AD19
Redirect Chain

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=app_star;cat=donatest;ord=1;num=5751521390507;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%...
https://8977078.fls.doubleclick.net/activityi;dc_pre=CNTfkoSkxvwCFc9NHgIdJI4Ojw;src=8977078;type=app_star;cat=donatest;ord=1;num=5751521390507;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%...

744 B
362 B

102ms
98ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8977078.fls.doubleclick.net/activityi;dc_pre=CNTfkoSkxvwCFc9NHgIdJI4Ojw;src=8977078;type=app_star;cat=donatest;ord=1;num=5751521390507;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

009bfc0ec14673c1bc165fc44406a1c9cfb3929c4048fd9ef7d00c90a05b0903

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 337
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 05:02:08 GMT
expires: Sat, 14 Jan 2023 05:02:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 05:02:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8977078.fls.doubleclick.net/activityi;dc_pre=CNTfkoSkxvwCFc9NHgIdJI4Ojw;src=8977078;type=app_star;cat=donatest;ord=1;num=5751521390507;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1070099938/ 2 KB
1 KB 28ms
27ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1070099938/?random=1673672528167&cv=11&fst=1673672528167&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&bttype=purchase&auid=500378098.1673672528&uaw=0&rfmt=3&fmt=4

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

de5dfc737caa9ee69f0211fc625bfb384d8deb400d3036eec83d110b010ac723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1347
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame E363
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8...

1 KB
2 KB

133ms
133ms

Document
text/html

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=898800766207011800&dcc=t

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

4519a3797f1067cf1ea91e48cb17e2b219ed1de54703f44e6759962e1ff9bf15

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1160
Content-Type: text/html;charset=ISO-8859-1
Date: Sat, 14 Jan 2023 05:02:08 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: QWS2PTCZ2DFWRD44807Q

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 14 Jan 2023 05:02:08 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=898800766207011800&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: RB35QD7TDC3DS64P6M2C

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
260 B 36ms
35ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=k4816zm&ct=0:7g2encq&fmt=3&gtmcb=470064985
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 105ms
105ms Image
image/gif 54.156.17.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3917292990020231&v=7342341141338403&s=2557215303044341&b=web&tv=4.0&sp=us&sp=sfmc&sp=um&sp=email&sp=ua&sp=FDA%20Approval_2023013_National&sp=ts&sp=1673672527062&sp=d&sp=givenow.lls.org&sp=h&sp=%2Fgive%2F342076%2F&sp=q&sp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=givenow.lls.org&pp=q&pp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&pp=h&pp=%2Fgive%2F342076%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=The%20Leukemia%20%26%20Lymphoma%20Society&pp=ts&pp=1673672527062&id0=1241636280411237&k0=environment&k0=prod&k0=organization_id&k0=33874&k0=campaign&k0=342076&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986%23!%2Fdonation%2Fcheckout&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.74%20Safari%2F537.36&k0=event_id&k0=1673672528.405502409830&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1673672528171&st=1673672528172

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.17.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame F91F 86 KB
14 KB 26ms
26ms Script
text/javascript 2600:9000:2127:7a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:7a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 05:00:44 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 1f98172ca4214b0e937b7d3d534b34cc.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 93
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: h_gjtU78MSU8fp-janCeVsH9ofGAZsADk8wBizq0X8G9-F3r1U1Qyw==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-225158-16&cid=1231150126.1673672527&jid=415708795&_u=KGDACEABBAAAACAAI~&z=1020464910

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 70ms
28ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-225158-16&cid=1231150126.1673672527&jid=415708795&_u=KGDACEABBAAAACAAI~&z=1020464910

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 24ms
24ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-225158-16&cid=1231150126.1673672527&jid=385176253&_u=aGDAiEABBAAAAGAAI~&z=221906459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 63ms
27ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-225158-16&cid=1231150126.1673672527&jid=385176253&_u=aGDAiEABBAAAAGAAI~&z=221906459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controller-42403bea3e9762e19fe063cd3cfe5b3a.html Show response
js.stripe.com/v3/ Frame FBB4 325 B
1 KB 27ms
26ms Document
text/html 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-42403bea3e9762e19fe063cd3cfe5b3a.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

c993a0d78d33f03305cb60a0a801293bb440d65971c885b1041f4b6c837e3324

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 48
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 05:02:08 GMT
etag: "42403bea3e9762e19fe063cd3cfe5b3a"
last-modified: Fri, 13 Jan 2023 19:40:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-id: y5qDz2Jl9NYuSeHrrJziWi0aeBvBMOp2d3yorZGg1ZZtRouF18e1rg==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 css Show response
fonts.googleapis.com/ 2 KB
522 B 61ms
33ms Fetch
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99d65117e41688b9531881feb247e2279238af4da263200cc264accf1e7773e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Jan 2023 05:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 03:44:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Jan 2023 05:02:08 GMT

GET
H2 200 elements-inner-card-1847ac16465e62d7308bdd6092bc2c56.html Show response
js.stripe.com/v3/ Frame 8F77 798 B
2 KB 26ms
25ms Document
text/html 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-1847ac16465e62d7308bdd6092bc2c56.html

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

Cloudfront /

Resource Hash

d1b7ccdf7fa979c97339dadc6072c2edabb789225bc3a08e9c61a74c05087894

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3273
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 04:08:37 GMT
etag: "1847ac16465e62d7308bdd6092bc2c56"
last-modified: Fri, 13 Jan 2023 19:40:48 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-id: lm_Wsa3N-vQ2X5UurHFBXZoBf7WXfRG1qATERCMFRPsJZ6xHBh7SCA==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 configuration Show response
api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/ 3 KB
2 KB 424ms
363ms Script
application/javascript 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NzM3NTg5MjgsImp0aSI6ImNmYWZhOTNjLTQ1MDUtNDc5YS1hMDViLWU1NGFmYTdlYTk5NCIsInN1YiI6ImNneHZ6MjR4ZGp4OTUyajciLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6ImNneHZ6MjR4ZGp4OTUyajciLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.gBZRhaHVL_cMPIewzisoDQO-5AJFMP80F13gS2tmyb1zz5w8T8sNFLJV1ViXAU9iFMsZe80oySHzkVXP9MjpwQ&callback=callback_jsona203f353f81e4f1f8ca606dca7fb2252

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

99760e9940f9a1de63066497c1973841de76973876af3d86929b21aeaa6c74e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
paypal-debug-id: cd54e526d1ea4
x-xss-protection: 1; mode=block
x-request-id: 1d4efb30-b590-4af5-ac4f-03f2acd10cd7
x-runtime: 0.236597
referrer-policy: strict-origin-when-cross-origin
etag: W/"cd182bbdd0ff11827e00079092282843"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-braintree-merchant-shard: 1
cache-control: max-age=0, private, must-revalidate
x-broxyid: 1d4efb30-b590-4af5-ac4f-03f2acd10cd7

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=831916669&t=pageview&_s=7&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&dp=%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAGACI~&jid=&gjid=&cid=1231150126.1673672527&tid=UA-3837893-1&_gid=1180984556.1673672527&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=1368677590

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 02:51:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7837
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=831916669&t=pageview&_s=2&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&dp=%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAGACI~&jid=&gjid=&cid=1231150126.1673672527&tid=UA-225158-16&_gid=1180984556.1673672527&z=2008947556

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 02:51:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7837
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1070099938/ 42 B
138 B 28ms
28ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1070099938/?random=1673672527984&cv=11&fst=1673672400000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&fmt=3&is_vtc=1&random=3329562444&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1070099938/ 42 B
154 B 61ms
28ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1070099938/?random=1673672527984&cv=11&fst=1673672400000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&fmt=3&is_vtc=1&random=3329562444&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 52ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-63NN87E39V&gtm=2oe1a1&_p=831916669&cid=1231150126.1673672527&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673672528&sct=1&seg=0&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&dt=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-63NN87E39V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://givenow.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/970754387/ 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/970754387/?random=1673672527937&cv=11&fst=1673672400000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&fmt=3&is_vtc=1&random=2846064692&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/970754387/ 42 B
108 B 62ms
30ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/970754387/?random=1673672527937&cv=11&fst=1673672400000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&fmt=3&is_vtc=1&random=2846064692&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5527522.js Show response
bat.bing.com/p/action/ 0
118 B 112ms
107ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5527522.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 14 Jan 2023 05:02:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 14128CB7F23B461DA916EF7FFE894272 Ref B: FRAEDGE1919 Ref C: 2023-01-14T05:02:08Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 36ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5527522&Ver=2&mid=d54fa364-1b6b-4935-8acf-c8213835f2eb&sid=98ab132093c811edade77b39955caa4a&vid=98ab607093c811edb7763789762c23ff&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&p=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986%23!%2Fdonation%2Fcheckout&r=&lt=1869&evt=pageLoad&sv=1&rn=489569

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 14 Jan 2023 05:02:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4656AC959F9C41699788DF625BD53006 Ref B: FRAEDGE1919 Ref C: 2023-01-14T05:02:08Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/1/ 49 B
532 B 167ms
131ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/67fe2a1b26?a=363721230&v=1221.PROD&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3522&ck=0&s=d1ed87058972584d&ref=https://givenow.lls.org/give/342076/&ap=523.170978&be=1859&fe=565&dc=562&tt=ef3c5dc11698e362&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1673672524730,%22n%22:0,%22f%22:283,%22dn%22:283,%22dne%22:321,%22c%22:321,%22s%22:328,%22ce%22:339,%22rq%22:339,%22rp%22:1441,%22rpe%22:1640,%22dl%22:1444,%22di%22:1645,%22ds%22:1850,%22de%22:1850,%22dc%22:1856,%22l%22:1856,%22le%22:1869%7D,%22navigation%22:%7B%7D%7D&fp=2877&fcp=2877&jsonp=NREUM.setToken
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 14 Jan 2023 05:02:08 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 7893d155d993694c-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame 6B57 0
599 B 169ms
169ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6B57 297 KB
71 KB 26ms
26ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-42403bea3e9762e19fe063cd3cfe5b3a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

ce93eac5ccaa686fd347654cc091691be4dec021a70f48337246e70efadd5abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-42403bea3e9762e19fe063cd3cfe5b3a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 04:42:01 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1210
x-cache: Hit from cloudfront
last-modified: Fri, 13 Jan 2023 19:40:57 GMT
server: Cloudfront
etag: W/"a2f1809e92072c20b0f9a844ea824708"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: thZ9Q3Y1XFL-ss8IBr9OLwDoDNnUWlf33_7UoUKPZoqr37y_liS44Q==

GET
H2 200 controller-9aa00c1d8fbbf44028dedcd6050ca71e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6B57 456 KB
121 KB 37ms
37ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-9aa00c1d8fbbf44028dedcd6050ca71e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-42403bea3e9762e19fe063cd3cfe5b3a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

4f28fe0c3a1439444e2074afc417d056e83c68b1622650903b58e75746c154c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-42403bea3e9762e19fe063cd3cfe5b3a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 04:42:01 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1209
x-cache: Hit from cloudfront
last-modified: Fri, 13 Jan 2023 19:40:55 GMT
server: Cloudfront
etag: W/"836905c3f48a17f4cada0081e467e328"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 4GvjqPuG3ixnaha_AgpbLA0Ny33eADg5OojSRqf5h2mu8dFvUEZs2Q==

POST
H2 200 csp-report
q.stripe.com/ Frame B7A2 0
599 B 169ms
168ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B7A2 0
599 B 169ms
168ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame B7A2 104 KB
33 KB 120ms
69ms Script
application/javascript 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-93b504e78741eeb501e684e780bd6128.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c7719759ed18842cee7144c5bec7f52f6938c3c8d058524616c5e4ae2e6b786

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-q5I60ixzzJD3Vp8NJB3bsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-q5I60ixzzJD3Vp8NJB3bsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 14 Jan 2023 05:02:08 GMT

GET
H2 200 shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B7A2 297 KB
71 KB 48ms
47ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-93b504e78741eeb501e684e780bd6128.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

ce93eac5ccaa686fd347654cc091691be4dec021a70f48337246e70efadd5abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-93b504e78741eeb501e684e780bd6128.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 05:02:08 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1210
x-cache: Hit from cloudfront
last-modified: Fri, 13 Jan 2023 19:40:57 GMT
server: Cloudfront
etag: W/"a2f1809e92072c20b0f9a844ea824708"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Utv_QiyhftXuewf8I9dFvkIiegtPXzfeTc3cf_YoGxu-LZWQCYXtXA==

GET
H2 200 payment-request-inner-google-pay-70aa7563fbb1744f5311401b135059d1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B7A2 9 KB
4 KB 24ms
24ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-70aa7563fbb1744f5311401b135059d1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-93b504e78741eeb501e684e780bd6128.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

4e3c6cbdb71bec2b4e19fae5374e1b234363dbea96692b87060391aed926ac89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-93b504e78741eeb501e684e780bd6128.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 04:42:55 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1157
x-cache: Hit from cloudfront
last-modified: Fri, 13 Jan 2023 19:40:57 GMT
server: Cloudfront
etag: W/"1c77489e1242b98d1af0d4132d81385f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _6IhI_8Ccpla-zaYUWHrU1N_jLa2ux-O2dVvLVmOlZdWfL-lB-n8yg==

POST
H2 200 csp-report
q.stripe.com/ Frame BE06 0
599 B 168ms
167ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame BE06 0
599 B 168ms
167ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BE06 297 KB
71 KB 45ms
44ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-28770122ed88aa037514ab2c18a0a1ac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

ce93eac5ccaa686fd347654cc091691be4dec021a70f48337246e70efadd5abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-28770122ed88aa037514ab2c18a0a1ac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 05:02:08 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1210
x-cache: Hit from cloudfront
last-modified: Fri, 13 Jan 2023 19:40:57 GMT
server: Cloudfront
etag: W/"a2f1809e92072c20b0f9a844ea824708"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: DO2IsxSRMKxfW59oXwaywnRnikR-pxpOOX6f-EsN50IebCssVfr_bA==

GET
H2 200 payment-request-inner-browser-62b851077f9da9acc452dca532fa7672.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BE06 11 KB
5 KB 45ms
45ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-62b851077f9da9acc452dca532fa7672.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-28770122ed88aa037514ab2c18a0a1ac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

b94eb502e26770c9d54de519d7225c016d31cf33584446e77dbaefae9d7dfb13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-28770122ed88aa037514ab2c18a0a1ac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 04:41:21 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1410
x-cache: Hit from cloudfront
last-modified: Wed, 11 Jan 2023 17:29:23 GMT
server: Cloudfront
etag: W/"143881bdb912f2223ebc11f7378e2f5e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: igbt6Rzo7anee7oj1y1Z4Uz-3XZQezedKKCv_0t6rfy3kIpG9rEWPA==

POST
H2 200 csp-report
q.stripe.com/ Frame 8F77 0
599 B 168ms
166ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8F77 0
599 B 170ms
169ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8F77 297 KB
71 KB 59ms
58ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-1847ac16465e62d7308bdd6092bc2c56.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

ce93eac5ccaa686fd347654cc091691be4dec021a70f48337246e70efadd5abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-1847ac16465e62d7308bdd6092bc2c56.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 05:02:08 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1210
x-cache: Hit from cloudfront
last-modified: Fri, 13 Jan 2023 19:40:57 GMT
server: Cloudfront
etag: W/"a2f1809e92072c20b0f9a844ea824708"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: iXAshGyYiVxqhM1P_gMIF9TAAT0tvyVdVDa1JXvDqN5Nd-YrS3zE8A==

GET
H2 200 ui-shared-931a4bcf9d77eabac9950c1b296a57ca.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8F77 245 KB
74 KB 63ms
62ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-931a4bcf9d77eabac9950c1b296a57ca.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-1847ac16465e62d7308bdd6092bc2c56.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

663e5df2652820bbf1eaa805935fb63d22987e834df12d2223638171bc87234c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-1847ac16465e62d7308bdd6092bc2c56.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 04:42:41 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1187
x-cache: Hit from cloudfront
last-modified: Fri, 13 Jan 2023 19:40:57 GMT
server: Cloudfront
etag: W/"0437985c052333a43f3f20d9580d7665"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: QE2NOe_PeLsQqUN4akOF1fymGN3oDwP1WPxluWa9fTwNkuXKa1UFZQ==

GET
H2 200 elements-inner-card-fa68d187fb6a78d5525368388784401c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8F77 49 KB
13 KB 46ms
42ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-fa68d187fb6a78d5525368388784401c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-1847ac16465e62d7308bdd6092bc2c56.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

56a66e9fd82f6b7e378631a38ed74e3872a246e7300744ef0d9bf75e041232d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-1847ac16465e62d7308bdd6092bc2c56.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 04:48:16 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1182
x-cache: Hit from cloudfront
last-modified: Fri, 13 Jan 2023 19:40:55 GMT
server: Cloudfront
etag: W/"95e28265400f2d0803be3b70a7b737c0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 75ovh6HVQn5S9e4MpsDoAqgXinCquLXLBad30Y8t3rP3acnmZtAxxw==

GET
H2 200 ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css
js.stripe.com/v3/fingerprinted/css/ Frame 8F77 19 KB
3 KB 62ms
61ms Stylesheet
text/css 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-1847ac16465e62d7308bdd6092bc2c56.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

0c5081ecc9f9ecdf2c760f97886c380097c444ecd4676884ff3c67bfbc0ec6a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-1847ac16465e62d7308bdd6092bc2c56.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 04:28:43 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2022
x-cache: Hit from cloudfront
last-modified: Thu, 08 Dec 2022 20:57:41 GMT
server: Cloudfront
etag: W/"946f1f202e973574c4704321cd043858"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6sSmzH92SU8FVuriWlN4k38dfQeXRzA_OyoGWRfWoaGqvHApsgw_1Q==

GET
H2 200 elements-inner-card-d9d972126b462d65969312f647a84b06.css
js.stripe.com/v3/fingerprinted/css/ Frame 8F77 6 KB
1 KB 61ms
61ms Stylesheet
text/css 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-d9d972126b462d65969312f647a84b06.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-1847ac16465e62d7308bdd6092bc2c56.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

00e36531f4b9f2e150d8cee1426720010f931c131329b81f8d4c166fe668b7a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-1847ac16465e62d7308bdd6092bc2c56.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 04:44:40 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1071
x-cache: Hit from cloudfront
last-modified: Wed, 11 Jan 2023 17:29:13 GMT
server: Cloudfront
etag: W/"c0c4281ef8abaf8101f756e744c63e53"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: H2RWyKkNLTy3oeuwykf9tDLle4ucZxog7tGku3awbjznado9mFuSLA==

POST
H2 200 csp-report
q.stripe.com/ Frame FBB4 0
599 B 248ms
247ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FBB4 297 KB
71 KB 62ms
61ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-42403bea3e9762e19fe063cd3cfe5b3a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

ce93eac5ccaa686fd347654cc091691be4dec021a70f48337246e70efadd5abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-42403bea3e9762e19fe063cd3cfe5b3a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 05:02:08 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1210
x-cache: Hit from cloudfront
last-modified: Fri, 13 Jan 2023 19:40:57 GMT
server: Cloudfront
etag: W/"a2f1809e92072c20b0f9a844ea824708"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ioT5HyDtxDLpdbINOXF8F5-xtVgfYnS4oEuJkVUmD1h1bqs11HKtIw==

GET
H2 200 controller-9aa00c1d8fbbf44028dedcd6050ca71e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FBB4 456 KB
121 KB 65ms
65ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-9aa00c1d8fbbf44028dedcd6050ca71e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-42403bea3e9762e19fe063cd3cfe5b3a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

Cloudfront /

Resource Hash

4f28fe0c3a1439444e2074afc417d056e83c68b1622650903b58e75746c154c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-42403bea3e9762e19fe063cd3cfe5b3a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 05:02:08 GMT
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1209
x-cache: Hit from cloudfront
last-modified: Fri, 13 Jan 2023 19:40:55 GMT
server: Cloudfront
etag: W/"836905c3f48a17f4cada0081e467e328"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6HaDvFvcfXCri-frZs6v7zL8_Vye2UlMTy9MagV9yI46laBVBlgk3A==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 9044 1 KB
765 B 177ms
111ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=f00af5870eb8eecfa46e9c104a3c5addf293068d

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.3da3731af9a8a2b242ed5500485bb22f.html?origin=https%3A%2F%2Fgivenow.lls.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

fc081c346c34f8c2a7319043423eab223502fb8100390fa118c9ce57a07fd179

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 105
date: Sat, 14 Jan 2023 05:02:07 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sat, 14 Jan 2023 05:02:08 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: ccbbb01c881058eb
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 117bde66900d9fe056408c5d5162168db21cabafc8b4a16aade9e3778280fbdd
content-length: 445

GET
H2 200 rules-p--C-1BUzjxqyCQ.js Show response
rules.quantcount.com/ 7 KB
2 KB 61ms
8ms Script
application/javascript 2600:9000:211e:6000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p--C-1BUzjxqyCQ.js
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a8eae662e01a138b9efa50f109ae2a9205fc53a3262916727551470ac441e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 04:56:24 GMT
content-encoding: gzip
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 2027
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Sat, 30 Apr 2022 03:35:07 GMT
server: AmazonS3
etag: W/"e68d0e9c216771ac3c9b658393e29e79"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: uO2kp0CdZFaB4AQEh93G62yDMPZZOQcpd8bvBNJpH_zVHoa_ijyr2w==

GET
H3

200

/
www.google.de/pagead/1p-conversion/1070099938/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1386838610&cv=11&fst=1673672527987&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbo...
https://www.google.com/pagead/1p-conversion/1070099938/?random=1386838610&cv=11&fst=1673672527987&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadse...
https://www.google.de/pagead/1p-conversion/1070099938/?random=1386838610&cv=11&fst=1673672527987&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadser...

42 B
64 B

31ms
31ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1070099938/?random=1386838610&cv=11&fst=1673672527987&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZUJhb2JtdkFLUWJ5a1ZLaW0tLVBqbGkxSy1YN2NINHJaYi1nTlZpUGk1cUVEak5iczhfa3A4&is_vtc=1&ocp_id=UDfCY7vcDpHJmLAP_9qQwAc&cid=CAQSKQDq26N9NHXSSmdjWw4hTdhbSODTzm4AYZnhAPmOurEgPjQ_OoF6tuMzIBM&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgMmBQTRRnW77LwFeKzbhiCUp2Atou5A2fo&random=1841767409&ipr=y&prhg=0&ezwbk=AZuM4hDMLueHhrVO87tnx8BSl5ToGonst1RpNSM0TS7g_Q-nJrRIUKAyKiDiRhR9ES1I01lGLSX-hv_FBSPxW951fqMY

Protocol

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1070099938/?random=1386838610&cv=11&fst=1673672527987&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZUJhb2JtdkFLUWJ5a1ZLaW0tLVBqbGkxSy1YN2NINHJaYi1nTlZpUGk1cUVEak5iczhfa3A4&is_vtc=1&ocp_id=UDfCY7vcDpHJmLAP_9qQwAc&cid=CAQSKQDq26N9NHXSSmdjWw4hTdhbSODTzm4AYZnhAPmOurEgPjQ_OoF6tuMzIBM&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgMmBQTRRnW77LwFeKzbhiCUp2Atou5A2fo&random=1841767409&ipr=y&prhg=0&ezwbk=AZuM4hDMLueHhrVO87tnx8BSl5ToGonst1RpNSM0TS7g_Q-nJrRIUKAyKiDiRhR9ES1I01lGLSX-hv_FBSPxW951fqMY
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/779965559/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/779965559/?random=1668165553&cv=11&fst=1673672527985&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9f...
https://www.google.com/pagead/1p-conversion/779965559/?random=1668165553&cv=11&fst=1673672527985&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadser...
https://www.google.de/pagead/1p-conversion/779965559/?random=1668165553&cv=11&fst=1673672527985&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadserv...

42 B
108 B

32ms
31ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/779965559/?random=1668165553&cv=11&fst=1673672527985&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZWJfdlFsMDhKSHpGend1Z1Z6WUs1QjY5Ty1mRHlWZXRhcjJfYU5JNnduMDJKeHZLenZYbUJo&is_vtc=1&ocp_id=UDfCY9LZDq2MmLAPs7qN0AI&cid=CAQSKQDq26N9YZtfK8Iesr6oBK1K7ARkFhk2Je5BLZb8QMfJCDbF2L6tS8GoIBM&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgNN9RIy6-Bs8CcevIb8u5t4HlvoIeYZ8jA&random=3181740069&ipr=y&prhg=0&ezwbk=AZuM4hCzeWKZcfJG1QND5E4D9zM986e_1KBuDIGqDf0LAt0eTIP0fP-Y2MDPKAag0H0Bg6rs3JJs6ROdPQXAC4sGpgVm

Protocol

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/779965559/?random=1668165553&cv=11&fst=1673672527985&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZWJfdlFsMDhKSHpGend1Z1Z6WUs1QjY5Ty1mRHlWZXRhcjJfYU5JNnduMDJKeHZLenZYbUJo&is_vtc=1&ocp_id=UDfCY9LZDq2MmLAPs7qN0AI&cid=CAQSKQDq26N9YZtfK8Iesr6oBK1K7ARkFhk2Je5BLZb8QMfJCDbF2L6tS8GoIBM&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgNN9RIy6-Bs8CcevIb8u5t4HlvoIeYZ8jA&random=3181740069&ipr=y&prhg=0&ezwbk=AZuM4hCzeWKZcfJG1QND5E4D9zM986e_1KBuDIGqDf0LAt0eTIP0fP-Y2MDPKAag0H0Bg6rs3JJs6ROdPQXAC4sGpgVm
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 489186234582967 Show response
connect.facebook.net/signals/config/ 569 KB
168 KB 18ms
14ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/489186234582967?v=2.9.92&r=stable

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de0687ae5f8946ecd3367d342960a2337af5d0da5867868039f65dfc1e0255ed

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Jan 2023 05:02:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 171295
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: epTanOJpfKODkLFOeigNxTaKrh6eREtRYqQ2bE+SgURc2+280b1YJNjrTy1ff6vV3r40KlpmuBCiqapshOqRpw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 configuration Show response
api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/ 3 KB
2 KB 438ms
437ms Script
application/javascript 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NzM3NTg5MjgsImp0aSI6IjEzOTBlYmVkLTJlZDItNGI3NS05OGJmLWI2YWU1YmNlMzVhNiIsInN1YiI6ImNneHZ6MjR4ZGp4OTUyajciLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6ImNneHZ6MjR4ZGp4OTUyajciLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.spiGT8hQCbidIOOmvb5Mikp42kKU2UZJt61KA7eXxUM_Eiu8mLJCCfNi6c9zVE2ruLLpbbT8p9_OwYQZitc90g&callback=callback_json79df8d0bca5e4e54a6b6ca8819187b01

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

485d4e598aa1912b7577907646baa5428238810e9d1a3d9569ff008b008146c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
paypal-debug-id: d898755504304
x-xss-protection: 1; mode=block
x-request-id: ed39d64a-fd05-466f-a2f4-1ad33b728696
x-runtime: 0.310958
referrer-policy: strict-origin-when-cross-origin
etag: W/"89e4eff6ed954d2224be6efa0d8206f3"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-braintree-merchant-shard: 1
cache-control: max-age=0, private, must-revalidate
x-broxyid: ed39d64a-fd05-466f-a2f4-1ad33b728696

GET
H3

200

/
www.google.de/pagead/1p-conversion/1070099938/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1136262255&cv=11&fst=1673672528167&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbo...
https://www.google.com/pagead/1p-conversion/1070099938/?random=1136262255&cv=11&fst=1673672528167&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadse...
https://www.google.de/pagead/1p-conversion/1070099938/?random=1136262255&cv=11&fst=1673672528167&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadser...

42 B
64 B

32ms
31ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1070099938/?random=1136262255&cv=11&fst=1673672528167&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZVl4T2xrTGhpU3BLZGhEalU0X0JkWUFIeWlzakpDRWJKWmRyLUFSd0drcWtvVGdNNHkwWkhM&is_vtc=1&ocp_id=UDfCY-zpD4fH1wb8lKDIBw&cid=CAQSKQDq26N93UiyXiRcTMhUboUDeskP5nBbKymYg3CIMl7ydvrRDj7glPyWIBM&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgNpA_9CgogxbaAfszaagqpd2UBhwMarDT0&random=174878127&ipr=y&prhg=0&ezwbk=AZuM4hAG9z7KmqyfDMD9ex-tXhB3qwl-XGpeN4Jc7dMiPAUZgCSzHDlqE5InEWzK5G3tM4hJVOi_O7x5SfiqeH59wzYa

Protocol

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1070099938/?random=1136262255&cv=11&fst=1673672528167&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1600&u_h=1200&label=4iLcCNaw5qEBEOLbof4D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&tiba=Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society&value=0&auid=500378098.1673672528&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0otRW5nWVFuS0NBNmYtcDZLWVhFaVVBTG5heEtjcjFiTDdhSWhrZGhleUw2T09aUjZzclRnWk5Ja2Z1YWVfNXZwSWZRZndoGlhDaEVJZ0otRW5nWVF5Sjdrc3VUQl9ibnJBUkl0QU1BeVJpZVl4T2xrTGhpU3BLZGhEalU0X0JkWUFIeWlzakpDRWJKWmRyLUFSd0drcWtvVGdNNHkwWkhM&is_vtc=1&ocp_id=UDfCY-zpD4fH1wb8lKDIBw&cid=CAQSKQDq26N93UiyXiRcTMhUboUDeskP5nBbKymYg3CIMl7ydvrRDj7glPyWIBM&eitems=ChEIgJ-EngYQueCe34z8vfn5ARIdAHw4BgNpA_9CgogxbaAfszaagqpd2UBhwMarDT0&random=174878127&ipr=y&prhg=0&ezwbk=AZuM4hAG9z7KmqyfDMD9ex-tXhB3qwl-XGpeN4Jc7dMiPAUZgCSzHDlqE5InEWzK5G3tM4hJVOi_O7x5SfiqeH59wzYa
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPDNkISkxvwCFYxOwgodVo8G5A;src=8977078;type=allpg;cat=allpgst;ord=9205260222087;gtm=2wg1a1;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Dema...
adservice.google.com/ddm/fls/z/ Frame 688A 42 B
494 B 96ms
58ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPDNkISkxvwCFYxOwgodVo8G5A;src=8977078;type=allpg;cat=allpgst;ord=9205260222087;gtm=2wg1a1;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986

Requested by

Host: 8977078.fls.doubleclick.net
URL: https://8977078.fls.doubleclick.net/activityi;dc_pre=CPDNkISkxvwCFYxOwgodVo8G5A;src=8977078;type=allpg;cat=allpgst;ord=9205260222087;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8977078.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKLdkoSkxvwCFVZUwgod32QPlA;src=8977078;type=allpg;cat=allpgun;ord=1;num=8638746598057;gtm=2wg1a1;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium...
adservice.google.com/ddm/fls/z/ Frame A5C2 42 B
107 B 81ms
59ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKLdkoSkxvwCFVZUwgod32QPlA;src=8977078;type=allpg;cat=allpgun;ord=1;num=8638746598057;gtm=2wg1a1;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986

Requested by

Host: 8977078.fls.doubleclick.net
URL: https://8977078.fls.doubleclick.net/activityi;dc_pre=CKLdkoSkxvwCFVZUwgod32QPlA;src=8977078;type=allpg;cat=allpgun;ord=1;num=8638746598057;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8977078.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame F91F 156 B
552 B 539ms
171ms XHR
application/json 54.203.32.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.203.32.168 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-203-32-168.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b9d8c3cd037b335b31a7d5c7318fdf62abf0bd95f1973384e9a78095663b2bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 5FEF 0
181 B 55ms
55ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=nvtufgc&ref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986%23!%2Fdonation%2Fcheckout&upid=r20lbgl&upv=1.1.0
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Sat, 14 Jan 2023 05:02:08 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 6B57 474 B
865 B 69ms
24ms Fetch
application/json 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 52dbb2708b60352d9ef7949307fdb46733f057b6aa79882bc350a0cdd5554fc6

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-42403bea3e9762e19fe063cd3cfe5b3a.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 14 Jan 2023 05:01:28 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
last-modified: Fri, 13 Jan 2023 20:09:35 GMT
server: Cloudfront
x-amz-cf-pop: PRG50-C1
age: 47
etag: "dc10361db04695f30ca20e4a3a1ac9a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: TEcSUCrc5L4Cm57nLjgrQgL3dvelIvtbCuytfCLs65YGz3l4GGshXQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 8F77 474 B
863 B 54ms
25ms Fetch
application/json 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 52dbb2708b60352d9ef7949307fdb46733f057b6aa79882bc350a0cdd5554fc6

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-1847ac16465e62d7308bdd6092bc2c56.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
last-modified: Fri, 13 Jan 2023 20:09:35 GMT
server: Cloudfront
x-amz-cf-pop: PRG50-C1
age: 47
etag: "dc10361db04695f30ca20e4a3a1ac9a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: AJfvwK615kBBr1A-9vn9-lc5Bqc1bxae8iS74VxXe8-aPlafUgJGMA==

GET
H2 200 dc_pre=CNTfkoSkxvwCFc9NHgIdJI4Ojw;src=8977078;type=app_star;cat=donatest;ord=1;num=5751521390507;gtm=2wg1a1;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_me...
adservice.google.com/ddm/fls/z/ Frame AD19 42 B
107 B 57ms
56ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNTfkoSkxvwCFc9NHgIdJI4Ojw;src=8977078;type=app_star;cat=donatest;ord=1;num=5751521390507;gtm=2wg1a1;auiddc=*;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986

Requested by

Host: 8977078.fls.doubleclick.net
URL: https://8977078.fls.doubleclick.net/activityi;dc_pre=CNTfkoSkxvwCFc9NHgIdJI4Ojw;src=8977078;type=app_star;cat=donatest;ord=1;num=5751521390507;gtm=2wg1a1;auiddc=500378098.1673672528;u1=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986;u3=;u13=342076;~oref=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8977078.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame FBB4 474 B
863 B 23ms
23ms Fetch
application/json 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-7.prg50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 52dbb2708b60352d9ef7949307fdb46733f057b6aa79882bc350a0cdd5554fc6

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-42403bea3e9762e19fe063cd3cfe5b3a.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
last-modified: Fri, 13 Jan 2023 20:09:35 GMT
server: Cloudfront
x-amz-cf-pop: PRG50-C1
age: 47
etag: "dc10361db04695f30ca20e4a3a1ac9a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: d-moPeGz0DkPp7kpyeOdUNFMFLrsW5_uxQfo6o9PGyNsi1mojdpR1w==

GET
H2 200 pixel;r=2118111973;labels=_fp.event.Default;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023...
pixel.quantserve.com/ 35 B
471 B 22ms
9ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2118111973;labels=_fp.event.Default;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986%23!%2Fdonation%2Fcheckout;uht=2;fpan=1;fpa=P0-319407154-1673672528319;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;ref=;d=lls.org;dst=0;et=1673672528607;tzo=0;ogl=site_name.Classy%2Ctype.website%2Curl.https%3A%2F%2Fgivenow%252Ells%252Eorg%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campai%2Cimage.https%3A%2F%2Fassets%252Eclassy%252Eorg%2F2978622%2Fc2c9cfe4-6ff6-11ed-8b59-0a0aba1c51f3%252Ejpg%2Cdescription.TODAY%20IS%20GIVINGTUESDAY%252E%20Donate%20today%20and%20your%20gift%20will%20be%20matched!%20Together%252C%20we%2Ctitle.Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society;ses=c31a32e1-eb58-44ba-ad9c-2be0fdc34976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=368304066;labels=_fp.event.Masterbrand%20Donate%20start;event=refresh;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26...
pixel.quantserve.com/ 35 B
471 B 23ms
10ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=368304066;labels=_fp.event.Masterbrand%20Donate%20start;event=refresh;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986%23!%2Fdonation%2Fcheckout;uht=2;fpan=1;fpa=P0-319407154-1673672528319;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;ref=;d=lls.org;dst=0;et=1673672528608;tzo=0;ogl=site_name.Classy%2Ctype.website%2Curl.https%3A%2F%2Fgivenow%252Ells%252Eorg%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campai%2Cimage.https%3A%2F%2Fassets%252Eclassy%252Eorg%2F2978622%2Fc2c9cfe4-6ff6-11ed-8b59-0a0aba1c51f3%252Ejpg%2Cdescription.TODAY%20IS%20GIVINGTUESDAY%252E%20Donate%20today%20and%20your%20gift%20will%20be%20matched!%20Together%252C%20we%2Ctitle.Donate%20to%20The%20Leukemia%20%26%20Lymphoma%20Society;ses=c31a32e1-eb58-44ba-ad9c-2be0fdc34976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 7769 43 KB
22 KB 41ms
41ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF&co=aHR0cHM6Ly9naXZlbm93Lmxscy5vcmc6NDQz&hl=de&v=u35fw2Dx4G0WsO6SztVYg4cV&size=normal&cb=b6pr29t5e46v

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

97d2acac0d041099afa87d772aa7d2a3e505fb1f74a82ffef91ea7a5ce60e3be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z0r_xbWYbrItCzAyK1MXGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22997
content-security-policy: script-src 'report-sample' 'nonce-z0r_xbWYbrItCzAyK1MXGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 05:02:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 link-config Show response
merchant-ui-api.stripe.com/elements/ Frame 6B57 562 B
1 KB 276ms
198ms Fetch
application/json 52.49.17.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/link-config?key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&stripe_js_id=98e5f79e-f6f7-46c4-9984-f2f6f088b8bf

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.49.17.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-17-168.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

51b3b61fa65d9b321d219805ee2885cca416c0c25d1d3973854349620c773ff8

Security Headers

Name	Value
Content-Security-Policy	report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
content-security-policy: report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 562
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
vary: Origin
x-robots-tag: none
access-control-allow-headers: x-stripe-csrf-token
expires: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame DBCE 18 KB
8 KB 67ms
66ms Document
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8423392339a1b818b1eaa670c35bdb6e8ca93c4d7697e241b4c8ec6b949798ee

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-mCgkfe8aQlcShFtH0ArvkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-mCgkfe8aQlcShFtH0ArvkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 14 Jan 2023 05:02:08 GMT
expires: Sat, 14 Jan 2023 05:02:08 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 48ms
16ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489186234582967&ev=PageView&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986%23!%2Fdonation%2Fcheckout&rl=&if=false&ts=1673672528701&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673672528696.1924475584&eid=ob3_plugin-set_2df97d5f8b1d8e15b537ff9d355a40cd02ee07ee1485b7b80e7ce6af854d5693&it=1673672528347&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Jan 2023 05:02:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 events Show response
capigw.lls.org/ 0
163 B 326ms
102ms XHR
text/plain 54.174.170.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://capigw.lls.org/events

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.174.170.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-174-170-28.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://givenow.lls.org
date: Sat, 14 Jan 2023 05:02:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 link-config Show response
merchant-ui-api.stripe.com/elements/ Frame FBB4 562 B
1 KB 201ms
200ms Fetch
application/json 52.49.17.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/link-config?key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&stripe_js_id=98e5f79e-f6f7-46c4-9984-f2f6f088b8bf

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.49.17.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-17-168.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

216cd21549c69e663beec11fece202c0572c40183074c5b52a8fc387b2181c67

Security Headers

Name	Value
Content-Security-Policy	report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
content-security-policy: report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 562
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
vary: Origin
x-robots-tag: none
access-control-allow-headers: x-stripe-csrf-token
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 176ms
168ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 178ms
171ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 177ms
170ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 179ms
172ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 176ms
170ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 175ms
169ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 177ms
171ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 177ms
172ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 178ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 177ms
172ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 176ms
171ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 178ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 177ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 175ms
174ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 336ms
335ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 328ms
328ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 332ms
331ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 333ms
332ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 328ms
328ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 333ms
332ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 329ms
329ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 329ms
329ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 328ms
328ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 330ms
330ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 329ms
329ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 330ms
330ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 332ms
332ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 331ms
330ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 328ms
328ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 331ms
331ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/ Frame 7769 52 KB
24 KB 48ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF&co=aHR0cHM6Ly9naXZlbm93Lmxscy5vcmc6NDQz&hl=de&v=u35fw2Dx4G0WsO6SztVYg4cV&size=normal&cb=b6pr29t5e46v

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:08:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 10:00:40 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/ Frame 7769 403 KB
160 KB 45ms
14ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99cd5a24866ea8bad0bfe2dbf8fc9e6cac0ad653cbe23e16ff49d79f6ca64fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 22:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164056
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:08:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 22:27:13 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 317ms
316ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:08 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame A8B2 6 KB
6 KB 109ms
108ms Document
text/html 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=QNTrF6jxSjK3dLAdz3G2WA&dmt=3&ex-pl-n-g-hmt=Bd_Y3fPqTsawNWiWiHlOlg&ep=mfS4I4Lxm4iN8M-0MyueFRFRT2fkegRPYhcbLx3U29H_G0llJPgvlflX-ZXK7dgUnWAhHNNOKhe-h0Nok6W9r2k11EPDtNKvzsXb5L8mXYtLPjXhX-V07sgh8NBvFVU_ftADloXklLLpiy0R7b_jyOP1uNsNZ6BkHkGWvI8BiDGyAEGg6PkYKJ6jyWuAil5-V4qcRpQppDg9vuDUvzlX-yyFBPfvNUBb1SD40QEY6duV5izeQxhi3OohUJIvKghXk1VT0SIIf-HuvS89dcw8OOjE04HPGgc8E2XeXUq6xO_nmKIenEC8G2W58F-ODF0lWDip4Ft9FRQXt3Y7Z__wWa6XqFxDX0ILapI61w5unqnJqdkPklJbcfxVYaptWxhefvsKmiKPoXZ3fBQ1ZdAUsJCOfAznqwT8kOsoLBxUcovssJTn74d4agLutCv-G_cEXDRMU6xGTHp3sIzrhM44ptTn8WXoKDDJhFMo3Xq23vnEzZCn86ae5gg6_QOC4cHLsnoHVuxyup8PijwVO0uRkO5W9Zd_CqVYEJNdVwAIphE

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=912539043203294500&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

214f645c1b0cedee9b8cbde40d76fb369c29bbb8879066b03665ab85dad687f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd69e3acc-c6d4-0564-6cfa-50fde3a78112%26type%3D6%26m%3D1&ex-fch=416613&ex-src=https://www.lls.org&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3DD69E3ACC-C6D4-0564-6CFA-50FDE3A78112&cb=912539043203294500&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 6147
Content-Type: text/html;charset=ISO-8859-1
Date: Sat, 14 Jan 2023 05:02:08 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: MNMKBFN8QN81CGCC49TE

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 1DAB 6 KB
6 KB 108ms
107ms Document
text/html 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=898800766207011800&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

762288a555f3d39ef1cf620ec4933d8e86c5986e3408c2116079f73c31e1032e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D06787e10-5a17-6174-3ce8-f95746aec685%26type%3D32%26m%3D1&ex-fch=416613&ex-src=https://donate.lls.org/lls/donate&ex-hargs=v%3D1.0%3Bc%3D8929603400701%3Bp%3D06787E10-5A17-6174-3CE8-F95746AEC685&cb=898800766207011800&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 6147
Content-Type: text/html;charset=ISO-8859-1
Date: Sat, 14 Jan 2023 05:02:08 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: PD7Z4PA630FWXMYGKJWB

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame DBCE 2 KB
2 KB 19ms
19ms Other
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.x3OuY4uyR-c.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame DBCE 153 KB
54 KB 71ms
57ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.x3OuY4uyR-c.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriNdtadEJ7tflnBRwUk0JSYuvYeeQ/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

221a5e0fb4fe88d36079989738dac52e226cb3526f452124584413f1829ab7b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 17:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55284
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 05:23:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 17:29:29 GMT

POST
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/events/1/ 24 B
403 B 129ms
129ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1221.PROD&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=4026&ck=0&s=d1ed87058972584d&ref=https://givenow.lls.org/give/342076/
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 14 Jan 2023 05:02:08 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://givenow.lls.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7893d158bc79694c-FRA
Content-Length: 24

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=831916669&t=timing&_s=8&dl=https%3A%2F%2Fgivenow.lls.org%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&dp=%2Fgive%2F342076%2F%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1673672527213&utt=4013&_u=aGDACEABBAAAAGACI~&jid=&gjid=&cid=1231150126.1673672527&tid=UA-3837893-1&_gid=1180984556.1673672527&cd1=33874&cd2=Classy%20Pay&cd3=7&cd4=donation&cd5=342076&cd6=campaign&cd11=recurring%20optimization&z=1085792221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 02:51:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7837
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7769 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7769 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7769 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:59:47 GMT
x-content-type-options: nosniff
age: 295341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 17 Jan 2023 18:59:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7769 15 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:21:27 GMT
x-content-type-options: nosniff
age: 294041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 19:21:27 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=NwEiRz85RZCRux6KV0SOkw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DNwEiRz85RZCRux6KV0SOkw%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=NwEiRz85RZCRux6KV0SOkw

43 B
479 B

117ms
117ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=NwEiRz85RZCRux6KV0SOkw

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=QNTrF6jxSjK3dLAdz3G2WA&dmt=3&ex-pl-n-g-hmt=Bd_Y3fPqTsawNWiWiHlOlg&ep=mfS4I4Lxm4iN8M-0MyueFRFRT2fkegRPYhcbLx3U29H_G0llJPgvlflX-ZXK7dgUnWAhHNNOKhe-h0Nok6W9r2k11EPDtNKvzsXb5L8mXYtLPjXhX-V07sgh8NBvFVU_ftADloXklLLpiy0R7b_jyOP1uNsNZ6BkHkGWvI8BiDGyAEGg6PkYKJ6jyWuAil5-V4qcRpQppDg9vuDUvzlX-yyFBPfvNUBb1SD40QEY6duV5izeQxhi3OohUJIvKghXk1VT0SIIf-HuvS89dcw8OOjE04HPGgc8E2XeXUq6xO_nmKIenEC8G2W58F-ODF0lWDip4Ft9FRQXt3Y7Z__wWa6XqFxDX0ILapI61w5unqnJqdkPklJbcfxVYaptWxhefvsKmiKPoXZ3fBQ1ZdAUsJCOfAznqwT8kOsoLBxUcovssJTn74d4agLutCv-G_cEXDRMU6xGTHp3sIzrhM44ptTn8WXoKDDJhFMo3Xq23vnEzZCn86ae5gg6_QOC4cHLsnoHVuxyup8PijwVO0uRkO5W9Zd_CqVYEJNdVwAIphE

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EFAXKA47PYNWYHBSPHBY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 05:02:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2e0ea1fc-df93-471b-bdbc-ebf474876157
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=NwEiRz85RZCRux6KV0SOkw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame A8B2 43 B
163 B 77ms
21ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=ENAFi1inTDOlUfhHlaq8tg&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=QNTrF6jxSjK3dLAdz3G2WA&dmt=3&ex-pl-n-g-hmt=Bd_Y3fPqTsawNWiWiHlOlg&ep=mfS4I4Lxm4iN8M-0MyueFRFRT2fkegRPYhcbLx3U29H_G0llJPgvlflX-ZXK7dgUnWAhHNNOKhe-h0Nok6W9r2k11EPDtNKvzsXb5L8mXYtLPjXhX-V07sgh8NBvFVU_ftADloXklLLpiy0R7b_jyOP1uNsNZ6BkHkGWvI8BiDGyAEGg6PkYKJ6jyWuAil5-V4qcRpQppDg9vuDUvzlX-yyFBPfvNUBb1SD40QEY6duV5izeQxhi3OohUJIvKghXk1VT0SIIf-HuvS89dcw8OOjE04HPGgc8E2XeXUq6xO_nmKIenEC8G2W58F-ODF0lWDip4Ft9FRQXt3Y7Z__wWa6XqFxDX0ILapI61w5unqnJqdkPklJbcfxVYaptWxhefvsKmiKPoXZ3fBQ1ZdAUsJCOfAznqwT8kOsoLBxUcovssJTn74d4agLutCv-G_cEXDRMU6xGTHp3sIzrhM44ptTn8WXoKDDJhFMo3Xq23vnEzZCn86ae5gg6_QOC4cHLsnoHVuxyup8PijwVO0uRkO5W9Zd_CqVYEJNdVwAIphE
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=219783204396000255122&ex=neustar.biz

43 B
479 B

345ms
115ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=219783204396000255122&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZFQD2NMSWTWSC2XQCQAV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=219783204396000255122&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=FErG4E8MTBWc1dO3je-TEA&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=FErG4E8MTBWc1dO3je-TEA&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y8I3UaCmvoy8f5BMrA-aqgAA

43 B
479 B

110ms
110ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y8I3UaCmvoy8f5BMrA-aqgAA

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SABEGPTVZYDGT526XM2C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y8I3UaCmvoy8f5BMrA-aqgAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3ceed62b6414fa2bad889bdbe469c103

43 B
479 B

318ms
112ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3ceed62b6414fa2bad889bdbe469c103

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: E4VG6QESZGD1TSNH29XH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3ceed62b6414fa2bad889bdbe469c103
date: Sat, 14 Jan 2023 05:02:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

270ms
109ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9AG7BBNTDVXP5129NC6M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Sat, 14 Jan 2023 05:02:09 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=GZ2aaXs1Reu92WeKyoNHxg
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=GZ2aaXs1Reu92WeKyoNHxg&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=GZ2aaXs1Reu92WeKyoNHxg

43 B
479 B

232ms
122ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=GZ2aaXs1Reu92WeKyoNHxg

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: R3Y7W6WNMKEC5SP1SHQC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=GZ2aaXs1Reu92WeKyoNHxg
date: Sat, 14 Jan 2023 05:02:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=003ae79b-9057-409d-aa05-c85860974c35

43 B
479 B

313ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=003ae79b-9057-409d-aa05-c85860974c35

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CH93CET7E6K8QVPKD46T
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=003ae79b-9057-409d-aa05-c85860974c35
Date: Sat, 14 Jan 2023 05:02:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame A8B2 43 B
183 B 345ms
99ms Image
image/gif 2600:1f18:612b:4216:ce25:c445:cadd:c70b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=QNTrF6jxSjK3dLAdz3G2WA&dmt=3&ex-pl-n-g-hmt=Bd_Y3fPqTsawNWiWiHlOlg&ep=mfS4I4Lxm4iN8M-0MyueFRFRT2fkegRPYhcbLx3U29H_G0llJPgvlflX-ZXK7dgUnWAhHNNOKhe-h0Nok6W9r2k11EPDtNKvzsXb5L8mXYtLPjXhX-V07sgh8NBvFVU_ftADloXklLLpiy0R7b_jyOP1uNsNZ6BkHkGWvI8BiDGyAEGg6PkYKJ6jyWuAil5-V4qcRpQppDg9vuDUvzlX-yyFBPfvNUBb1SD40QEY6duV5izeQxhi3OohUJIvKghXk1VT0SIIf-HuvS89dcw8OOjE04HPGgc8E2XeXUq6xO_nmKIenEC8G2W58F-ODF0lWDip4Ft9FRQXt3Y7Z__wWa6XqFxDX0ILapI61w5unqnJqdkPklJbcfxVYaptWxhefvsKmiKPoXZ3fBQ1ZdAUsJCOfAznqwT8kOsoLBxUcovssJTn74d4agLutCv-G_cEXDRMU6xGTHp3sIzrhM44ptTn8WXoKDDJhFMo3Xq23vnEzZCn86ae5gg6_QOC4cHLsnoHVuxyup8PijwVO0uRkO5W9Zd_CqVYEJNdVwAIphE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:ce25:c445:cadd:c70b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 14 Jan 2023 05:02:09 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame A8B2 0
123 B 283ms
38ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:09 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

115ms
115ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AX6Q6XTHKE95P0MC5WE7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1673672529148002-332
Expires: Sat, 14 Jan 2023 05:02:09 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

299ms
110ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HNGXE756PMW14N5G02SR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 14 Jan 2023 05:02:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=CDKHSZS0C1VKYEMCW9GJ:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: CDKHSZS0C1VKYEMCW9GJ
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: bF0TlofbqKPQRN_zqmowbgvO2dRitS5LsS8TfB4e8gKDESL5tkSMig==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame A8B2 0
337 B 221ms
30ms Image
text/plain 54.155.45.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=QNTrF6jxSjK3dLAdz3G2WA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=QNTrF6jxSjK3dLAdz3G2WA&dmt=3&ex-pl-n-g-hmt=Bd_Y3fPqTsawNWiWiHlOlg&ep=mfS4I4Lxm4iN8M-0MyueFRFRT2fkegRPYhcbLx3U29H_G0llJPgvlflX-ZXK7dgUnWAhHNNOKhe-h0Nok6W9r2k11EPDtNKvzsXb5L8mXYtLPjXhX-V07sgh8NBvFVU_ftADloXklLLpiy0R7b_jyOP1uNsNZ6BkHkGWvI8BiDGyAEGg6PkYKJ6jyWuAil5-V4qcRpQppDg9vuDUvzlX-yyFBPfvNUBb1SD40QEY6duV5izeQxhi3OohUJIvKghXk1VT0SIIf-HuvS89dcw8OOjE04HPGgc8E2XeXUq6xO_nmKIenEC8G2W58F-ODF0lWDip4Ft9FRQXt3Y7Z__wWa6XqFxDX0ILapI61w5unqnJqdkPklJbcfxVYaptWxhefvsKmiKPoXZ3fBQ1ZdAUsJCOfAznqwT8kOsoLBxUcovssJTn74d4agLutCv-G_cEXDRMU6xGTHp3sIzrhM44ptTn8WXoKDDJhFMo3Xq23vnEzZCn86ae5gg6_QOC4cHLsnoHVuxyup8PijwVO0uRkO5W9Zd_CqVYEJNdVwAIphE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.45.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-45-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: beacon-n011-dub-prod.krxd.net
date: Sat, 14 Jan 2023 05:02:09 GMT
cache-control: private, no-cache, no-store
x-request-time: D=39 t=1673672529
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=15ea75cc-e6f9-4a0f-987e-3612993d01cd&ex=improvedigital.com

43 B
479 B

254ms
108ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=15ea75cc-e6f9-4a0f-987e-3612993d01cd&ex=improvedigital.com

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JK5T4892SNW1BGMGE04W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=15ea75cc-e6f9-4a0f-987e-3612993d01cd&ex=improvedigital.com
access-control-allow-origin: *
date: Sat, 14 Jan 2023 05:02:09 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame A8B2 0
263 B 422ms
103ms Image
text/plain 54.84.231.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=QNTrF6jxSjK3dLAdz3G2WA&dmt=3&ex-pl-n-g-hmt=Bd_Y3fPqTsawNWiWiHlOlg&ep=mfS4I4Lxm4iN8M-0MyueFRFRT2fkegRPYhcbLx3U29H_G0llJPgvlflX-ZXK7dgUnWAhHNNOKhe-h0Nok6W9r2k11EPDtNKvzsXb5L8mXYtLPjXhX-V07sgh8NBvFVU_ftADloXklLLpiy0R7b_jyOP1uNsNZ6BkHkGWvI8BiDGyAEGg6PkYKJ6jyWuAil5-V4qcRpQppDg9vuDUvzlX-yyFBPfvNUBb1SD40QEY6duV5izeQxhi3OohUJIvKghXk1VT0SIIf-HuvS89dcw8OOjE04HPGgc8E2XeXUq6xO_nmKIenEC8G2W58F-ODF0lWDip4Ft9FRQXt3Y7Z__wWa6XqFxDX0ILapI61w5unqnJqdkPklJbcfxVYaptWxhefvsKmiKPoXZ3fBQ1ZdAUsJCOfAznqwT8kOsoLBxUcovssJTn74d4agLutCv-G_cEXDRMU6xGTHp3sIzrhM44ptTn8WXoKDDJhFMo3Xq23vnEzZCn86ae5gg6_QOC4cHLsnoHVuxyup8PijwVO0uRkO5W9Zd_CqVYEJNdVwAIphE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.231.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-231-24.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Server: nginx/1.20.0
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=1098e3a4a8bd67b75

43 B
479 B

211ms
111ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=1098e3a4a8bd67b75

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RC3050NG1C77FT4J03E7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 14 Jan 2023 05:02:09 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=1098e3a4a8bd67b75
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aE5taiWYQjykVjHn1zSRTw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aE5taiWYQjykVjHn1zSRTw

43 B
479 B

199ms
116ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aE5taiWYQjykVjHn1zSRTw

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: W6EMKBAQFEME9NG8DBXT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aE5taiWYQjykVjHn1zSRTw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=lOkFEUSKSk2CCDBmTULYjA&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=lOkFEUSKSk2CCDBmTULYjA

43 B
479 B

260ms
106ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=lOkFEUSKSk2CCDBmTULYjA

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GWNG5QRK36GH18EPSAYG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=lOkFEUSKSk2CCDBmTULYjA
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1673672529103071-538
Expires: Sat, 14 Jan 2023 05:02:09 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=g3assmw1QGqGymNeCDviIg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=g3assmw1QGqGymNeCDviIg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=90593307181902252891720279266256523666

43 B
479 B

199ms
112ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=90593307181902252891720279266256523666

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QP2DJT3GX820F5HJMG6K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-va6-2-v044-0cbd60534.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: cUfdbGqDTFs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=90593307181902252891720279266256523666
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=vVj-ZIJ7TjyoqAcJl7s55w
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812439020702829142&gdpr=&gdpr_consent=

43 B
479 B

167ms
120ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812439020702829142&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CF6TZ5JA3PBMESQAR5DP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812439020702829142&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame A8B2 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=7903695190915005722

43 B
479 B

203ms
106ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=7903695190915005722

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SGJDKCBBE9SDEDWFPEZD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=7903695190915005722
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=9992ff25-93c8-11ed-b770-160292010306
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=9992feeb-93c8-11ed-b770-160292010306

43 B
479 B

215ms
114ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=9992feeb-93c8-11ed-b770-160292010306

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0SV7BK7RX4HM31NQ35QM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 05:02:09 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=9992feeb-93c8-11ed-b770-160292010306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 102
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22f804e1c1-a2a1-492b-ad8e-04d6b8f94efa%22,%22Time%22:%2220230114T050209.750081%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f804e1c1-a2a1-492b-ad8e-04d6b8f94efa

43 B
479 B

226ms
109ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f804e1c1-a2a1-492b-ad8e-04d6b8f94efa

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N1M8W27MYR1TTP3SQ2JQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f804e1c1-a2a1-492b-ad8e-04d6b8f94efa
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEObLiRDSzqSM40uNoCAXDBQ&google_cver=1

43 B
479 B

111ms
110ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEObLiRDSzqSM40uNoCAXDBQ&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 38NP336ZRXFTDJCRNZJG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEObLiRDSzqSM40uNoCAXDBQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame A8B2 20 B
20 B 403ms
100ms Image
text/plain 52.1.76.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=QNTrF6jxSjK3dLAdz3G2WA&dmt=3&ex-pl-n-g-hmt=Bd_Y3fPqTsawNWiWiHlOlg&ep=mfS4I4Lxm4iN8M-0MyueFRFRT2fkegRPYhcbLx3U29H_G0llJPgvlflX-ZXK7dgUnWAhHNNOKhe-h0Nok6W9r2k11EPDtNKvzsXb5L8mXYtLPjXhX-V07sgh8NBvFVU_ftADloXklLLpiy0R7b_jyOP1uNsNZ6BkHkGWvI8BiDGyAEGg6PkYKJ6jyWuAil5-V4qcRpQppDg9vuDUvzlX-yyFBPfvNUBb1SD40QEY6duV5izeQxhi3OohUJIvKghXk1VT0SIIf-HuvS89dcw8OOjE04HPGgc8E2XeXUq6xO_nmKIenEC8G2W58F-ODF0lWDip4Ft9FRQXt3Y7Z__wWa6XqFxDX0ILapI61w5unqnJqdkPklJbcfxVYaptWxhefvsKmiKPoXZ3fBQ1ZdAUsJCOfAznqwT8kOsoLBxUcovssJTn74d4agLutCv-G_cEXDRMU6xGTHp3sIzrhM44ptTn8WXoKDDJhFMo3Xq23vnEzZCn86ae5gg6_QOC4cHLsnoHVuxyup8PijwVO0uRkO5W9Zd_CqVYEJNdVwAIphE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.76.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-76-118.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: usermatch-a007-ash-prod.krxd.net
date: Sat, 14 Jan 2023 05:02:10 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f9cd3c54b9d6bbbc06391b9112462dc3

43 B
479 B

202ms
110ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f9cd3c54b9d6bbbc06391b9112462dc3

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7180HH3TFDYM0N0GRQJR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=f9cd3c54b9d6bbbc06391b9112462dc3
date: Sat, 14 Jan 2023 05:02:09 GMT
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
content-length: 0
x-amz-cf-id: _QMekurV2IV2gUVf2V-sTcMwr5ofAjO3Dh0ryjb83-cEuO4zx4X1HQ==
x-cache: Miss from cloudfront

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame A8B2 43 B
304 B 83ms
20ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=QNTrF6jxSjK3dLAdz3G2WA&dmt=3&ex-pl-n-g-hmt=Bd_Y3fPqTsawNWiWiHlOlg&ep=mfS4I4Lxm4iN8M-0MyueFRFRT2fkegRPYhcbLx3U29H_G0llJPgvlflX-ZXK7dgUnWAhHNNOKhe-h0Nok6W9r2k11EPDtNKvzsXb5L8mXYtLPjXhX-V07sgh8NBvFVU_ftADloXklLLpiy0R7b_jyOP1uNsNZ6BkHkGWvI8BiDGyAEGg6PkYKJ6jyWuAil5-V4qcRpQppDg9vuDUvzlX-yyFBPfvNUBb1SD40QEY6duV5izeQxhi3OohUJIvKghXk1VT0SIIf-HuvS89dcw8OOjE04HPGgc8E2XeXUq6xO_nmKIenEC8G2W58F-ODF0lWDip4Ft9FRQXt3Y7Z__wWa6XqFxDX0ILapI61w5unqnJqdkPklJbcfxVYaptWxhefvsKmiKPoXZ3fBQ1ZdAUsJCOfAznqwT8kOsoLBxUcovssJTn74d4agLutCv-G_cEXDRMU6xGTHp3sIzrhM44ptTn8WXoKDDJhFMo3Xq23vnEzZCn86ae5gg6_QOC4cHLsnoHVuxyup8PijwVO0uRkO5W9Zd_CqVYEJNdVwAIphE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=KpAAYfCS9PTMLdN41Wq0nzc4ZBA4ZgIC

43 B
479 B

152ms
109ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KpAAYfCS9PTMLdN41Wq0nzc4ZBA4ZgIC

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZV0EWQTDG80HNN1CSFWN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OL3krd2%2BW1aPj%2FPKoNlD6T9o62zEoImfAHft9To1nrSyLUrZJ%2FmG6XSnvmSDQ5KUITLaag5WboyHrBLsv6%2FWg4QYhJfhW9SiV8nkt5mBNHkRQgxppSzlHjoToZyFlwTFaOY01Gq8nFP9kg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KpAAYfCS9PTMLdN41Wq0nzc4ZBA4ZgIC
cache-control: no-cache
cf-ray: 7893d15f0e575c50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 xuid
eb2.3lift.com/ Frame A8B2 37 B
139 B 9ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=8341&xuid=3HHaVM03SPixs6amBfpxTw&dongle=az46
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=QNTrF6jxSjK3dLAdz3G2WA&dmt=3&ex-pl-n-g-hmt=Bd_Y3fPqTsawNWiWiHlOlg&ep=mfS4I4Lxm4iN8M-0MyueFRFRT2fkegRPYhcbLx3U29H_G0llJPgvlflX-ZXK7dgUnWAhHNNOKhe-h0Nok6W9r2k11EPDtNKvzsXb5L8mXYtLPjXhX-V07sgh8NBvFVU_ftADloXklLLpiy0R7b_jyOP1uNsNZ6BkHkGWvI8BiDGyAEGg6PkYKJ6jyWuAil5-V4qcRpQppDg9vuDUvzlX-yyFBPfvNUBb1SD40QEY6duV5izeQxhi3OohUJIvKghXk1VT0SIIf-HuvS89dcw8OOjE04HPGgc8E2XeXUq6xO_nmKIenEC8G2W58F-ODF0lWDip4Ft9FRQXt3Y7Z__wWa6XqFxDX0ILapI61w5unqnJqdkPklJbcfxVYaptWxhefvsKmiKPoXZ3fBQ1ZdAUsJCOfAznqwT8kOsoLBxUcovssJTn74d4agLutCv-G_cEXDRMU6xGTHp3sIzrhM44ptTn8WXoKDDJhFMo3Xq23vnEzZCn86ae5gg6_QOC4cHLsnoHVuxyup8PijwVO0uRkO5W9Zd_CqVYEJNdVwAIphE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=606388ED81414D40

43 B
479 B

217ms
107ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=606388ED81414D40

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: A53ERPKSDF22VK0XJVD2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:16 GMT
frontend-id: 6
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=606388ED81414D40
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=3607599579682165127&ex=appnexus.com

43 B
479 B

149ms
107ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=3607599579682165127&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: W2SG9684S7MS7K0E3MY7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 05:02:10 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 15df6168-491a-45ca-b2d8-56fa88834a92
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=3607599579682165127&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=tFvIQJn6Qn6lr8fBcdKtsg&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=tFvIQJn6Qn6lr8fBcdKtsg

43 B
479 B

224ms
122ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=tFvIQJn6Qn6lr8fBcdKtsg

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TGTZ70DGB6RKM4YEHJQ2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=tFvIQJn6Qn6lr8fBcdKtsg
date: Sat, 14 Jan 2023 05:02:09 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=E5_HODhPBcGxpX3bHq5Pbg&ex=rubiconproject.com&status=ok

43 B
479 B

217ms
111ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=E5_HODhPBcGxpX3bHq5Pbg&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YF714CN4B7B10E1QZ7KH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=E5_HODhPBcGxpX3bHq5Pbg&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=Bd_Y3fPqTsawNWiWiHlOlg&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

225ms
104ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G7SRVXCE28BRMCP1BQMQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame A8B2 0
324 B 290ms
28ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=QNTrF6jxSjK3dLAdz3G2WA&dmt=3&ex-pl-n-g-hmt=Bd_Y3fPqTsawNWiWiHlOlg&ep=mfS4I4Lxm4iN8M-0MyueFRFRT2fkegRPYhcbLx3U29H_G0llJPgvlflX-ZXK7dgUnWAhHNNOKhe-h0Nok6W9r2k11EPDtNKvzsXb5L8mXYtLPjXhX-V07sgh8NBvFVU_ftADloXklLLpiy0R7b_jyOP1uNsNZ6BkHkGWvI8BiDGyAEGg6PkYKJ6jyWuAil5-V4qcRpQppDg9vuDUvzlX-yyFBPfvNUBb1SD40QEY6duV5izeQxhi3OohUJIvKghXk1VT0SIIf-HuvS89dcw8OOjE04HPGgc8E2XeXUq6xO_nmKIenEC8G2W58F-ODF0lWDip4Ft9FRQXt3Y7Z__wWa6XqFxDX0ILapI61w5unqnJqdkPklJbcfxVYaptWxhefvsKmiKPoXZ3fBQ1ZdAUsJCOfAznqwT8kOsoLBxUcovssJTn74d4agLutCv-G_cEXDRMU6xGTHp3sIzrhM44ptTn8WXoKDDJhFMo3Xq23vnEzZCn86ae5gg6_QOC4cHLsnoHVuxyup8PijwVO0uRkO5W9Zd_CqVYEJNdVwAIphE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D5237C263D568057702D8A26E

43 B
479 B

111ms
111ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D5237C263D568057702D8A26E

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3GT97XEE12XJXK0TKZEZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 05:02:10 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D5237C263D568057702D8A26E
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Sat, 14 Jan 2023 05:02:09 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=395fc3632f8e8e0ad0d12ee4c1de082c9bd91c5e7717b85bda01849f62fb96d9

43 B
479 B

203ms
110ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=395fc3632f8e8e0ad0d12ee4c1de082c9bd91c5e7717b85bda01849f62fb96d9

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: M6MK0HSZV7PY0AEZ68Y8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:10 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=395fc3632f8e8e0ad0d12ee4c1de082c9bd91c5e7717b85bda01849f62fb96d9
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=B0ED5F03-9CC4-495F-8F31-D10DDB0B552A

43 B
479 B

148ms
106ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=B0ED5F03-9CC4-495F-8F31-D10DDB0B552A

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HAMSJTVZG0WYST9VM3P7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=B0ED5F03-9CC4-495F-8F31-D10DDB0B552A
date: Sat, 14 Jan 2023 05:02:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A8B2
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=334a3868-71d1-45da-80f3-789d7f227bf2-tuctabbbcd2

43 B
479 B

124ms
110ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=334a3868-71d1-45da-80f3-789d7f227bf2-tuctabbbcd2

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P0D6N3SETBHPZXBJKC7C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=334a3868-71d1-45da-80f3-789d7f227bf2-tuctabbbcd2
date: Sat, 14 Jan 2023 05:02:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13473

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 7769 102 B
134 B 24ms
24ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=u35fw2Dx4G0WsO6SztVYg4cV

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1dac9c78d0486c8b6f6f81a1c7b145b85d59849c2ea2a7af362212a65388f7bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF&co=aHR0cHM6Ly9naXZlbm93Lmxscy5vcmc6NDQz&hl=de&v=u35fw2Dx4G0WsO6SztVYg4cV&size=normal&cb=b6pr29t5e46v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 14 Jan 2023 05:02:08 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=z-CVcBwCRxu00dsRz754bQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3Dz-CVcBwCRxu00dsRz754bQ%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=z-CVcBwCRxu00dsRz754bQ

43 B
479 B

105ms
105ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=z-CVcBwCRxu00dsRz754bQ

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 90S9PV37ZF87FXE6E2AE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 05:02:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 60554acc-97f6-4232-8a8b-d392aa913977
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=z-CVcBwCRxu00dsRz754bQ
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 1DAB 43 B
163 B 70ms
22ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=sQGgfTbiR_-OPBFHi15jvA&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:08 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=219103204396000254963&ex=neustar.biz

43 B
479 B

315ms
107ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=219103204396000254963&ex=neustar.biz

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1KKK02T7RHQCKKWFKG2R
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=219103204396000254963&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=7_cuFpPpTjWUnaQDfb8gmg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=7_cuFpPpTjWUnaQDfb8gmg&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y8I3UaCmvoy8f5BMrA-aqgAA

43 B
479 B

208ms
108ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y8I3UaCmvoy8f5BMrA-aqgAA

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0R17Y1V2C8EAJT9Q4ZPJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y8I3UaCmvoy8f5BMrA-aqgAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3ceed62b6414fa2bad889bdbe469c103

43 B
479 B

319ms
111ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3ceed62b6414fa2bad889bdbe469c103

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B9X8K65AQYKFXXPBBS8X
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3ceed62b6414fa2bad889bdbe469c103
date: Sat, 14 Jan 2023 05:02:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

264ms
105ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EN7MVAKN108KS27KZ1J2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Sat, 14 Jan 2023 05:02:09 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=FOUUU8jTT1e8NpsK1F08RA
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=FOUUU8jTT1e8NpsK1F08RA&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=FOUUU8jTT1e8NpsK1F08RA

43 B
479 B

212ms
104ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=FOUUU8jTT1e8NpsK1F08RA

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WVV202VCHBXVA3HGF2ZM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=FOUUU8jTT1e8NpsK1F08RA
date: Sat, 14 Jan 2023 05:02:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=003ae79b-9057-409d-aa05-c85860974c35

43 B
479 B

311ms
111ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=003ae79b-9057-409d-aa05-c85860974c35

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 95GH1TH9Y0ABZK5AGTHB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=003ae79b-9057-409d-aa05-c85860974c35
Date: Sat, 14 Jan 2023 05:02:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 1DAB 43 B
182 B 340ms
100ms Image
image/gif 2600:1f18:612b:4216:ce25:c445:cadd:c70b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:ce25:c445:cadd:c70b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 14 Jan 2023 05:02:09 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 1DAB 0
16 B 278ms
38ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:09 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

107ms
107ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6FHKKG4BK2TJCXNCPAYG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1673672529043030-356
Expires: Sat, 14 Jan 2023 05:02:09 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

295ms
107ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4YDGHZ38QFA6MFNNT6R7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 14 Jan 2023 05:02:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=TMRTMA6TFAK9V66VT5A8:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: TMRTMA6TFAK9V66VT5A8
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: 2xDGCc9RN26ioEnQ5eAjyH3521ehzQvLWQZ6JmXvXGW8GHwGFRCDTw==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 1DAB 0
338 B 220ms
29ms Image
text/plain 54.155.45.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=BYn9kxQ6TK2IVR3D76Go8A&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.45.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-45-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: beacon-n018-dub-prod.krxd.net
date: Sat, 14 Jan 2023 05:02:09 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1673672529
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=74d15e90-bd40-4a37-be14-574bea13bbc4&ex=improvedigital.com

43 B
479 B

236ms
107ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=74d15e90-bd40-4a37-be14-574bea13bbc4&ex=improvedigital.com

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1DQ7114W9XNH4DM3F6FV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=74d15e90-bd40-4a37-be14-574bea13bbc4&ex=improvedigital.com
access-control-allow-origin: *
date: Sat, 14 Jan 2023 05:02:09 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 1DAB 0
263 B 418ms
100ms Image
text/plain 54.84.231.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.231.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-231-24.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Server: nginx/1.20.0
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=1098e3a4a892852ba

43 B
479 B

209ms
108ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=1098e3a4a892852ba

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H90QQVMDJACFJ34487VN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 14 Jan 2023 05:02:09 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=1098e3a4a892852ba
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=pgitlfSgQJCgGgTsie1tEQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pgitlfSgQJCgGgTsie1tEQ

43 B
479 B

265ms
112ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pgitlfSgQJCgGgTsie1tEQ

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KMARM3FBKYYJXFJ2RCD2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pgitlfSgQJCgGgTsie1tEQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=0i6zjUo0RHChgbuRn9zIFw&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=0i6zjUo0RHChgbuRn9zIFw

43 B
479 B

179ms
106ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=0i6zjUo0RHChgbuRn9zIFw

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3NMSR301HYMZ4MP9E59D
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=8e69837b1aad4cde2faefe53459a4dd8&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=0i6zjUo0RHChgbuRn9zIFw
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1673672529160088-366
Expires: Sat, 14 Jan 2023 05:02:09 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=gurjfSdiRK2ESO-56LAY_g&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=gurjfSdiRK2ESO-56LAY_g&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=33170272415100601293612578458921607712

43 B
479 B

209ms
107ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=33170272415100601293612578458921607712

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 03NQKZJ44ST06N63T65M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-va6-2-v044-0a11dbfb8.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: yOR0KKgITKI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=33170272415100601293612578458921607712
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=KTSgHQLTRla3jjL7iRVkQA
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10809976114470966457&gdpr=&gdpr_consent=

43 B
479 B

202ms
117ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10809976114470966457&gdpr=&gdpr_consent=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PZAQECWGSAY433X9D3F5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10809976114470966457&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 1DAB 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6109780412877632497

43 B
479 B

208ms
109ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6109780412877632497

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7HK7QB5ABH90FJ8MSG9G
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6109780412877632497
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=99930504-93c8-11ed-a0af-1fe3cd8f0306
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=99930497-93c8-11ed-a0af-1fe3cd8f0306

43 B
479 B

144ms
105ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=99930497-93c8-11ed-a0af-1fe3cd8f0306

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DD8MSVEN3ANRG1GHCBAV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 05:02:09 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=99930497-93c8-11ed-a0af-1fe3cd8f0306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 64
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%221975fd5c-0ff6-4634-8406-1e91bdc9cf6a%22,%22Time%22:%2220230114T050209.746971%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f804e1c1-a2a1-492b-ad8e-04d6b8f94efa

43 B
479 B

221ms
109ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f804e1c1-a2a1-492b-ad8e-04d6b8f94efa

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RY123MGTQQCB79GV08W6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=f804e1c1-a2a1-492b-ad8e-04d6b8f94efa
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEObLiRDSzqSM40uNoCAXDBQ&google_cver=1

43 B
479 B

110ms
110ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEObLiRDSzqSM40uNoCAXDBQ&google_cver=1

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SJPSSGNQTVSC2NNAPN40
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEObLiRDSzqSM40uNoCAXDBQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame 1DAB 20 B
20 B 413ms
99ms Image
text/plain 52.1.76.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.76.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-76-118.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: usermatch-a006-ash-prod.krxd.net
date: Sat, 14 Jan 2023 05:02:10 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3a6857ada0881ca232fb9d5c3faded00

43 B
479 B

151ms
111ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3a6857ada0881ca232fb9d5c3faded00

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9749M4RAPBB46V4JR4R1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=3a6857ada0881ca232fb9d5c3faded00
date: Sat, 14 Jan 2023 05:02:09 GMT
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
content-length: 0
x-amz-cf-id: 2VjodZJzChZawhMrNfGACMgK2G0_abesCOx9FWq52L4B_4NkTFy7zw==
x-cache: Miss from cloudfront

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 1DAB 43 B
120 B 82ms
21ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=KpAAYfCS9PTMLdN41Wq0nzc4ZBA4ZgIC

43 B
479 B

152ms
111ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KpAAYfCS9PTMLdN41Wq0nzc4ZBA4ZgIC

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YKM7KHHB0RRYM9CPR8TQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=782q4j%2BBcBDyp0z151N0SDUdjznh0at%2Bvdx9Mqr13I0qm0SMKXpN7XwHLyqeA5fQMUW6%2Fea5bp2%2B7QFHVM0R4%2FTfKghKej3u75m5aVrHiyL4e3qt8lGxMUZdUESY3anPjfCEs5LeY2olFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KpAAYfCS9PTMLdN41Wq0nzc4ZBA4ZgIC
cache-control: no-cache
cf-ray: 7893d15f1e6d5c50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 xuid
eb2.3lift.com/ Frame 1DAB 37 B
140 B 33ms
10ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=8341&xuid=mSHM1dThTwaMvCis0YM9lA&dongle=az46
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=606388ED81414D40

43 B
479 B

221ms
106ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=606388ED81414D40

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2PA62W8BGW64CBMJWYN1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:16 GMT
frontend-id: 6
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=606388ED81414D40
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=3607599579682165127&ex=appnexus.com

43 B
479 B

222ms
109ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=3607599579682165127&ex=appnexus.com

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X5P480DSQSJREFFX3VCR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 05:02:09 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 370193cb-ac03-46e8-9f71-d7ebbaaff835
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=3607599579682165127&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=sV3RM2rSSU69dqNP0RdpaA&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=sV3RM2rSSU69dqNP0RdpaA

43 B
479 B

159ms
108ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=sV3RM2rSSU69dqNP0RdpaA

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 372TR2XG6Z9DATWRPY6P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=sV3RM2rSSU69dqNP0RdpaA
date: Sat, 14 Jan 2023 05:02:08 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=teygKrmQil8BsprIiT2O98WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
479 B

180ms
107ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=teygKrmQil8BsprIiT2O98WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7SA4FMBJTPFYY8XB1776
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=teygKrmQil8BsprIiT2O98WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=ySJ4sppwS7y7WxFrcD9pvA&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

181ms
102ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 983V68N8D8HQK7TSY3VE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame 1DAB 0
324 B 345ms
28ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D5237C263D468D976022C7B61

43 B
479 B

112ms
111ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D5237C263D468D976022C7B61

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FGDVJ0WSCRHC9QDG5FRC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 14 Jan 2023 05:02:10 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D5237C263D468D976022C7B61
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Sat, 14 Jan 2023 05:02:09 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=395fc3632f8e8e0ad0d12ee4c1de082c9bd91c5e7717b85bda01849f62fb96d9

43 B
479 B

202ms
110ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=395fc3632f8e8e0ad0d12ee4c1de082c9bd91c5e7717b85bda01849f62fb96d9

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N1G9WNGXV79FK1ZXVGN9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:10 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=395fc3632f8e8e0ad0d12ee4c1de082c9bd91c5e7717b85bda01849f62fb96d9
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=69031F88-84D8-4421-AA27-C5932B461D57

43 B
479 B

142ms
107ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=69031F88-84D8-4421-AA27-C5932B461D57

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 54V0894ER4XWDXZXPS3G
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=69031F88-84D8-4421-AA27-C5932B461D57
date: Sat, 14 Jan 2023 05:02:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1DAB
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=219be981-6b01-4956-801a-bb22d5bdc501-tuctabbbcd2

43 B
479 B

129ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=219be981-6b01-4956-801a-bb22d5bdc501-tuctabbbcd2

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=BYn9kxQ6TK2IVR3D76Go8A&dmt=3&ex-pl-n-g-hmt=ySJ4sppwS7y7WxFrcD9pvA&ep=mfS4I4Lxm4iN8M-0MyueFdfMjd1U157Z8sdiF4zCWMAOjqNSZHPCV30PQuy2NlOCDXJ_vzgFrZ4Q5wLalKfbp55AV5mTuuVQmBobTbl5gA3I67B4H2J6gWlFUSf_yio9dugdovKtp9H22ba1o6j771Na7H1OuuXzmK0onj_sO_qKz10sdKewEbzsgBnwmY511DovKoCLidx25zaTs9BYICyFBPfvNUBb1SD40QEY6dsB10sVkFgqgvNrWNjICVBJp5iSI-p_5qB7diL-k6onEiWyszFCsu9NX9oLGjjiKqD0LhvsqNgbTuv8KTjuq-VCWDip4Ft9FRQXt3Y7Z__wWWbb-M4FBuYWz2zYTB8EI_ORWusddLYlGlhGZSfbIgiCc8C3DK0GSgxsdY3jDzG_HwHg_RRa4XlrANHOM7QoaZIwgQFkSItEzulvrj1NbysEPvDZ6kuruueHx3UoZwNDFV7O3VK5WAkcH0mjlxi612fEzZCn86ae5gg6_QOC4cHLxkgmUHifC4tfVopMWPNBY17HdsZgQ1fbeZKlBVAevLA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Jan 2023 05:02:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GYM33KW0C0MKJSDZFKRF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=219be981-6b01-4956-801a-bb22d5bdc501-tuctabbbcd2
date: Sat, 14 Jan 2023 05:02:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13473

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.x3OuY4uyR-c.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_... Frame DBCE 69 KB
25 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.x3OuY4uyR-c.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_UCJhd8oY.L.B1.O/am=zAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriWJyODhCKVOsTKxoyBExaA_5S1-w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.x3OuY4uyR-c.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriNdtadEJ7tflnBRwUk0JSYuvYeeQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7217ef3329d19c12b2d94ce3d96c2244ef11ada5cbf5736c5a51af6fa30b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 17:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26057
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:32:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 17:30:03 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
360 B 104ms
104ms XHR
text/plain 54.157.163.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.163.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-163-84.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 14 Jan 2023 05:02:09 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://givenow.lls.org
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 72b239e6-e0c5-4dc0-874c-6bff2badf50e

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame F470 7 KB
1 KB 29ms
25ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=u35fw2Dx4G0WsO6SztVYg4cV&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f59cb9347326d99c10e866004b7b5e177a527442e201e36855f302f5837a18a0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OYe8jPh3l7qFGgBqUlwkKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1118
content-security-policy: script-src 'report-sample' 'nonce-OYe8jPh3l7qFGgBqUlwkKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 05:02:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 169ms
169ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 169ms
169ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 169ms
168ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 169ms
169ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 170ms
170ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FBB4 0
157 B 169ms
169ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 169ms
169ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame DBCE 1 MB
356 KB 67ms
67ms XHR
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

165bd5e2c2fa4cf279da857740a8d28d5d8816a91ab9942f5788f4544bd3a605

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JtXwLZQ5nwwj_b7NE9-O6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:09 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-JtXwLZQ5nwwj_b7NE9-O6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 14 Jan 2023 05:02:09 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.x3OuY4uyR-c.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_... Frame DBCE 23 KB
9 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.x3OuY4uyR-c.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_UCJhd8oY.L.B1.O/am=zAAg/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriWJyODhCKVOsTKxoyBExaA_5S1-w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4662b4c1a3fd64e2996642065e29be85ad71cbc04aca5f1b296307072d9006c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9226
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:32:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 18:02:36 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.x3OuY4uyR-c.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_... Frame DBCE 35 KB
13 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.x3OuY4uyR-c.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_UCJhd8oY.L.B1.O/am=zAAg/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriWJyODhCKVOsTKxoyBExaA_5S1-w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1082116ce645dec43962ab4c301733b2564c0881ba49c44a2e5a48bf920f061b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13462
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:32:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 18:02:36 GMT

POST
H2 200 log Show response
play.google.com/ Frame DBCE 131 B
273 B 69ms
65ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 14 Jan 2023 05:02:09 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 05:02:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 285ms
60ms Preflight
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 14 Jan 2023 05:02:09 GMT
expires: Sat, 14 Jan 2023 05:02:09 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame DBCE 131 B
273 B 67ms
64ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 14 Jan 2023 05:02:09 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 05:02:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 284ms
60ms Preflight
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 14 Jan 2023 05:02:09 GMT
expires: Sat, 14 Jan 2023 05:02:09 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame DBCE 131 B
273 B 67ms
64ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 14 Jan 2023 05:02:09 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 05:02:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 283ms
61ms Preflight
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 14 Jan 2023 05:02:09 GMT
expires: Sat, 14 Jan 2023 05:02:09 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame DBCE 131 B
273 B 93ms
90ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 14 Jan 2023 05:02:09 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 05:02:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 282ms
61ms Preflight
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 14 Jan 2023 05:02:09 GMT
expires: Sat, 14 Jan 2023 05:02:09 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame DBCE 131 B
273 B 92ms
90ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 14 Jan 2023 05:02:09 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 05:02:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 281ms
61ms Preflight
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 14 Jan 2023 05:02:09 GMT
expires: Sat, 14 Jan 2023 05:02:09 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame DBCE 131 B
273 B 91ms
89ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 14 Jan 2023 05:02:09 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 05:02:09 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 169ms
168ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 268ms
62ms Preflight
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 14 Jan 2023 05:02:09 GMT
expires: Sat, 14 Jan 2023 05:02:09 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 170ms
169ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/ Frame F470 52 KB
24 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=u35fw2Dx4G0WsO6SztVYg4cV&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:08:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 10:00:40 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/ Frame F470 403 KB
160 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=u35fw2Dx4G0WsO6SztVYg4cV&k=6LeRsvwcAAAAAAAGdWMknu7f4ewlEf_5YVOyxIqF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99cd5a24866ea8bad0bfe2dbf8fc9e6cac0ad653cbe23e16ff49d79f6ca64fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 22:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164056
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 00:08:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 22:27:13 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 169ms
169ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 169ms
169ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 log Show response
play.google.com/ Frame DBCE 131 B
671 B 245ms
65ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 14 Jan 2023 05:02:09 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 05:02:09 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 6B57 0
157 B 172ms
171ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b3a649c16e1a6e5c45b16a986f8b8d5d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: green
date: Sat, 14 Jan 2023 05:02:09 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 105ms
104ms Image
image/gif 54.156.17.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3917292990020231&v=7342341141338403&s=2557215303044341&b=web&tv=4.0&sp=us&sp=sfmc&sp=um&sp=email&sp=ua&sp=FDA%20Approval_2023013_National&sp=ts&sp=1673672527062&sp=d&sp=givenow.lls.org&sp=h&sp=%2Fgive%2F342076%2F&sp=q&sp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=givenow.lls.org&pp=q&pp=%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DFDA%2BApproval_2023013_National%26utm_id%3D331551%26sfmc_id%3D226152986&pp=h&pp=%2Fgive%2F342076%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=The%20Leukemia%20%26%20Lymphoma%20Society&pp=ts&pp=1673672527062&id0=5477246231257856&k0=environment&k0=prod&k0=organization_id&k0=33874&k0=campaign&k0=342076&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1673672529.233279241670&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1673672529215&st=1673672529216

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.17.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Jan 2023 05:02:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 GooglePay-logo.svg
givenow.lls.org/static/global/images/digitalWallets/ 3 KB
2 KB 31ms
30ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:02:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 18:12:28 GMT
server: cloudflare
age: 95616
etag: W/"63bdaa8c-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7893d15baae69ba0-FRA
expires: Sat, 13 Jan 2024 02:28:33 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 52B6 0
72 B 16ms
15ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://givenow.lls.org
Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://givenow.lls.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 05:02:09 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
797 B 24ms
23ms Script
text/javascript 65.9.95.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/342076/?utm_source=sfmc&utm_medium=email&utm_campaign=FDA+Approval_2023013_National&utm_id=331551&sfmc_id=226152986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS