donate.teamrubiconusa.org Open in urlscan Pro
40.112.243.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trusa.co/Feb24CAstorms
Effective URL:
https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
Submission: On February 05 via manual (February 5th 2024, 11:16:07 pm UTC) from US — Scanned from DE

Summary HTTP 50 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 23 domains to perform 50 HTTP transactions. The main IP is 40.112.243.1, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is donate.teamrubiconusa.org.
TLS certificate: Issued by Thawte TLS RSA CA G1 on March 16th 2023. Valid for: a year.

This is the only time donate.teamrubiconusa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.13 67.199.248.13	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	40.112.243.1 40.112.243.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2600:9000:264... 2600:9000:2644:3800:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	41.63.96.130 41.63.96.130	22822 (LLNW) (LLNW)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	52.239.163.100 52.239.163.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:c127:111a:2add:1285	16509 (AMAZON-02) (AMAZON-02)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1	2606:4700:10:... 2606:4700:10::ac43:25d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	28

1 67.199.248.13 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com

trusa.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 40.112.243.1 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

donate.teamrubiconusa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2644:3800:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

10169194.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 41.63.96.130 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-41-63-96-130.hhn.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.239.163.100 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

trstorageprod.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:c127:111a:2add:1285 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:25d2 (United States)

ASN13335 (CLOUDFLARENET, US)

teamrubicon3276931z.btttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	teamrubiconusa.org donate.teamrubiconusa.org	3 MB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349 www.linkedin.com — Cisco Umbrella Rank: 632 px4.ads.linkedin.com — Cisco Umbrella Rank: 6550	3 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 10169194.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	5 KB
5	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3274 d.adroll.com — Cisco Umbrella Rank: 1407	27 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 98	987 B
3	google.de www.google.de — Cisco Umbrella Rank: 6518	626 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 376	14 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3086	267 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1465 insight.adsrvr.org — Cisco Umbrella Rank: 637	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	70 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	btttag.com teamrubicon3276931z.btttag.com	331 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	windows.net trstorageprod.blob.core.windows.net	129 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 789	395 B
1	t.co t.co — Cisco Umbrella Rank: 656	377 B
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 11492	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 745	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 783	16 KB
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2238
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	107 KB
1	trusa.co 1 redirects trusa.co	480 B
50	23

	Domain	Requested by
13	donate.teamrubiconusa.org	donate.teamrubiconusa.org
4	px.ads.linkedin.com	3 redirects donate.teamrubiconusa.org
4	s.adroll.com	1 redirects www.googletagmanager.com donate.teamrubiconusa.org s.adroll.com
3	www.google.de	donate.teamrubiconusa.org
3	www.google.com	1 redirects donate.teamrubiconusa.org
3	bat.bing.com	www.googletagmanager.com bat.bing.com donate.teamrubiconusa.org
2	pixel.sitescout.com	donate.teamrubiconusa.org
2	connect.facebook.net	donate.teamrubiconusa.org connect.facebook.net
2	10169194.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com donate.teamrubiconusa.org
1	teamrubicon3276931z.btttag.com	www.googletagmanager.com
1	insight.adsrvr.org	js.adsrvr.org
1	www.facebook.com	donate.teamrubiconusa.org
1	adservice.google.com	10169194.fls.doubleclick.net
1	js.adsrvr.org	10169194.fls.doubleclick.net
1	d.adroll.com	s.adroll.com
1	trstorageprod.blob.core.windows.net	donate.teamrubiconusa.org
1	analytics.twitter.com	donate.teamrubiconusa.org
1	t.co	donate.teamrubiconusa.org
1	px4.ads.linkedin.com	donate.teamrubiconusa.org
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	donate.teamrubiconusa.org
1	up.pixel.ad	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	script.crazyegg.com	www.googletagmanager.com
1	www.googletagmanager.com	donate.teamrubiconusa.org
1	trusa.co	1 redirects
50	30

This site contains links to these domains. Also see Links.

Domain
teamrubiconusa.org

Subject Issuer	Validity	Valid
*.teamrubiconusa.org Thawte TLS RSA CA G1	`2023-03-16` - `2024-04-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-09` - `2024-03-08`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-15` - `2024-02-13`	3 months	crt.sh
*.pixel.ad GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-09-26` - `2024-09-26`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
Frame ID: 5EA9BAAC3D59C9EED77151ACE5DD8D0A
Requests: 45 HTTP requests in this frame

Frame: https://10169194.fls.doubleclick.net/activityi;dc_pre=CKneoamqlYQDFfNIkQUd6ZsGSQ;src=10169194;type=hva1f0;cat=allpa0;ord=3088620910469;npa=0;auiddc=1056727834.1707174961;pscdl=noapi;gtm=45He41v0v72387463za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F
Frame ID: 568B53EF2328A359A1DDE7C8448EEFFA
Requests: 3 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=mn7ndva&ref=https%3A%2F%2Fdonate.teamrubiconusa.org%2F&upid=3y599rv&upv=1.1.0
Frame ID: 57A2327D930306AA0D42649A05030A81
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: A436153D097153BAFF6BAE9C90A71711
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

California Storms: Monitoring

Page URL History Show full URLs

http://trusa.co/Feb24CAstorms HTTP 302
https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

50
Requests

94 %
HTTPS

55 %
IPv6

23
Domains

30
Subdomains

28
IPs

4
Countries

3856 kB
Transfer

4521 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://teamrubiconusa.org/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trusa.co/Feb24CAstorms HTTP 302
https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://10169194.fls.doubleclick.net/activityi;src=10169194;type=hva1f0;cat=allpa0;ord=3088620910469;npa=0;auiddc=1056727834.1707174961;pscdl=noapi;gtm=45He41v0v72387463za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F HTTP 302
https://10169194.fls.doubleclick.net/activityi;dc_pre=CKneoamqlYQDFfNIkQUd6ZsGSQ;src=10169194;type=hva1f0;cat=allpa0;ord=3088620910469;npa=0;auiddc=1056727834.1707174961;pscdl=noapi;gtm=45He41v0v72387463za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F

Request Chain 20

https://s.adroll.com/j/pre/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 26

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1707174961624&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1707174961624&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D80894%26time%3D1707174961624%26url%3Dhttps%253A%252F%252Fdonate.teamrubiconusa.org%252FDonation%252Ffeb-ca-storms-24%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1707174961624&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1707174961624&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&cookiesTest=true&liSync=true&e_ipv6=AQLja2CFSgihrgAAAY17jqTMCVmfpe11w3JfuEUgHYQN3J_91t3lH4C5c4OBUBZLlcVFjIo2NMCeDIDQEc1ZirF_-UpTvw

Request Chain 38

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/824070334/?random=851217206&cv=11&fst=1707174961510&bg=ffffff&guid=ON&async=1&gtm=45He41v0v72387463za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&label=htU8COfJmd8BEL6h-YgD&hn=www.googleadservices.com&frm=0&tiba=California%20Storms%3A%20Monitoring&value=0&npa=0&pscdl=noapi&auid=1056727834.1707174961&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=MWzBZfP3JdOgxdwPvN-r2AU&sscte=1&crd=CIK9sQII7LuxAg&eitems=ChAIgKuCrgYQ1M_J3drP3IQhEh0AnTytr2nft7-QWo7sTKPICBYOgyH2R1l3WSMeVw&pscrd=Ek9DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUkltQUZLSW82Qk1xVktUdnNjX1JBQ1BlXzBsdVlob19tZUR3Z3Q2SWIxMDVSeTA0aWRscno4GlpDaEVJZ0t1Q3JnWVFzZURXdWUzUDVOXzVBUkl1QUxsSkQ0QXZhNjBBT3lkajNnZU9FZ0FGTkIyREZXOXJmRTRXQmczWGhMc21RNDdEazB0N3NkaTM0blRCY3ciEwiz1KCpqpWEAxVTUJEFHbzvClsyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC HTTP 302
https://www.google.com/pagead/1p-conversion/824070334/?random=851217206&cv=11&fst=1707174961510&bg=ffffff&guid=ON&async=1&gtm=45He41v0v72387463za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&label=htU8COfJmd8BEL6h-YgD&hn=www.googleadservices.com&frm=0&tiba=California%20Storms%3A%20Monitoring&value=0&npa=0&pscdl=noapi&auid=1056727834.1707174961&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&pscrd=Ek9DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUkltQUZLSW82Qk1xVktUdnNjX1JBQ1BlXzBsdVlob19tZUR3Z3Q2SWIxMDVSeTA0aWRscno4GlpDaEVJZ0t1Q3JnWVFzZURXdWUzUDVOXzVBUkl1QUxsSkQ0QXZhNjBBT3lkajNnZU9FZ0FGTkIyREZXOXJmRTRXQmczWGhMc21RNDdEazB0N3NkaTM0blRCY3ciEwiz1KCpqpWEAxVTUJEFHbzvClsyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&ocp_id=MWzBZfP3JdOgxdwPvN-r2AU&cid=CAQSKQAvHhf_4pGIaTuGGg4boJWPJkdbrjU9-GVlcUde-510uy6pQhYI8ods&eitems=ChAIgKuCrgYQ1M_J3drP3IQhEh0AnTytr8aFbDYc_HPk6q_AqQPavcCG8TWL7daRnA&random=1967725912 HTTP 302
https://www.google.de/pagead/1p-conversion/824070334/?random=851217206&cv=11&fst=1707174961510&bg=ffffff&guid=ON&async=1&gtm=45He41v0v72387463za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&label=htU8COfJmd8BEL6h-YgD&hn=www.googleadservices.com&frm=0&tiba=California%20Storms%3A%20Monitoring&value=0&npa=0&pscdl=noapi&auid=1056727834.1707174961&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&pscrd=Ek9DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUkltQUZLSW82Qk1xVktUdnNjX1JBQ1BlXzBsdVlob19tZUR3Z3Q2SWIxMDVSeTA0aWRscno4GlpDaEVJZ0t1Q3JnWVFzZURXdWUzUDVOXzVBUkl1QUxsSkQ0QXZhNjBBT3lkajNnZU9FZ0FGTkIyREZXOXJmRTRXQmczWGhMc21RNDdEazB0N3NkaTM0blRCY3ciEwiz1KCpqpWEAxVTUJEFHbzvClsyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&ocp_id=MWzBZfP3JdOgxdwPvN-r2AU&cid=CAQSKQAvHhf_4pGIaTuGGg4boJWPJkdbrjU9-GVlcUde-510uy6pQhYI8ods&eitems=ChAIgKuCrgYQ1M_J3drP3IQhEh0AnTytr8aFbDYc_HPk6q_AqQPavcCG8TWL7daRnA&random=1967725912&ipr=y

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
Redirect Chain

http://trusa.co/Feb24CAstorms
https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

8 KB
8 KB

833ms
201ms

Document
text/html

40.112.243.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.112.243.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9d302ed70c55906569cac29cddb826b1e19b8339306166d31310230ac4291a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=utf-8
Date: Mon, 05 Feb 2024 23:15:58 GMT
Request-Context: appId=cid-v1:42889871-8d00-4bf5-8208-0e829c93316f
Server: Kestrel
Strict-Transport-Security: max-age=2592000
Transfer-Encoding: chunked

Redirect headers

Cache-Control: private, max-age=90
Content-Length: 147
Content-Security-Policy: referrer always;
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Feb 2024 23:15:58 GMT
Location: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
Referrer-Policy: unsafe-url
Server: nginx
Strict-Transport-Security: max-age=1209600
Via: 1.1 google

GET
H/1.1 200
OK styles.css
donate.teamrubiconusa.org/build/assets/css/ 3 KB
4 KB 192ms
191ms Stylesheet
text/css 40.112.243.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.teamrubiconusa.org/build/assets/css/styles.css

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.112.243.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0cabb436af3318f77d6b0b0952e550587952f740f43a201994c313fcb8028b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 23:15:58 GMT
Strict-Transport-Security: max-age=2592000
Last-Modified: Fri, 19 Jan 2024 02:34:00 GMT
Server: Kestrel
ETag: "1da4a7ff57151b4"
Content-Type: text/css
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 3508
Request-Context: appId=cid-v1:42889871-8d00-4bf5-8208-0e829c93316f

GET
H/1.1 200
OK bootstrap.min.css
donate.teamrubiconusa.org/build/assets/css/ 157 KB
157 KB 380ms
187ms Stylesheet
text/css 40.112.243.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.teamrubiconusa.org/build/assets/css/bootstrap.min.css

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.112.243.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 23:15:58 GMT
Strict-Transport-Security: max-age=2592000
Last-Modified: Fri, 19 Jan 2024 02:34:00 GMT
Server: Kestrel
ETag: "1da4a7ff5732e88"
Content-Type: text/css
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 160392
Request-Context: appId=cid-v1:42889871-8d00-4bf5-8208-0e829c93316f

GET
H/1.1 200
OK 12.a04e6bba.chunk.css
donate.teamrubiconusa.org/build/static/css/ 90 KB
90 KB 769ms
211ms Stylesheet
text/css 40.112.243.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.teamrubiconusa.org/build/static/css/12.a04e6bba.chunk.css

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.112.243.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

23c546d82404096aa39836095ac4f55e1892d3df65fff06cacee639c2a5e4620

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 23:15:58 GMT
Strict-Transport-Security: max-age=2592000
Last-Modified: Fri, 19 Jan 2024 02:36:28 GMT
Server: Kestrel
ETag: "1da4a804da938c7"
Content-Type: text/css
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 91847
Request-Context: appId=cid-v1:42889871-8d00-4bf5-8208-0e829c93316f

GET
H/1.1 200
OK 12.dc454009.chunk.js Show response
donate.teamrubiconusa.org/build/static/js/ 2 MB
2 MB 754ms
196ms Script
text/javascript 40.112.243.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.teamrubiconusa.org/build/static/js/12.dc454009.chunk.js

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.112.243.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

025c05cc0d035f49273129dfbaf4e0d0c69428c875d645c11bce4eb95f5d7ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 23:15:58 GMT
Strict-Transport-Security: max-age=2592000
Last-Modified: Fri, 19 Jan 2024 02:36:28 GMT
Server: Kestrel
ETag: "1da4a804d8af731"
Content-Type: text/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 2271537
Request-Context: appId=cid-v1:42889871-8d00-4bf5-8208-0e829c93316f

GET
H/1.1 200
OK main.80885e6a.chunk.js Show response
donate.teamrubiconusa.org/build/static/js/ 815 KB
815 KB 771ms
205ms Script
text/javascript 40.112.243.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.teamrubiconusa.org/build/static/js/main.80885e6a.chunk.js

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.112.243.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

402631f4051d81838daa73791bb44f171c26bd0f42e9df7622ca3b9ec3c004eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 23:15:58 GMT
Strict-Transport-Security: max-age=2592000
Last-Modified: Fri, 19 Jan 2024 02:36:28 GMT
Server: Kestrel
ETag: "1da4a804da4e4da"
Content-Type: text/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 834266
Request-Context: appId=cid-v1:42889871-8d00-4bf5-8208-0e829c93316f

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 388 KB
107 KB 104ms
54ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5aa92eb0465474efbbbe95bf854eb8013ca94b1b973efae52fa9b5160ca06cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109644
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 22:22:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Feb 2024 23:16:01 GMT

GET
H/1.1 200
OK feb-ca-storms-24 Show response
donate.teamrubiconusa.org/donation/getDonation/ 8 KB
9 KB 208ms
207ms XHR
application/json 40.112.243.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.teamrubiconusa.org/donation/getDonation/feb-ca-storms-24

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/build/static/js/12.dc454009.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.112.243.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

621822d84586a1a66906c95c120670f77a41da5547e6a1aa581200e80a121a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/json; charset=utf-8
Date: Mon, 05 Feb 2024 23:16:00 GMT
Strict-Transport-Security: max-age=2592000
Server: Kestrel
Transfer-Encoding: chunked
Request-Context: appId=cid-v1:42889871-8d00-4bf5-8208-0e829c93316f

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Feb 2024 21:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5272
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 05 Feb 2024 23:48:09 GMT

GET
H2 410 7967.js
script.crazyegg.com/pages/scripts/0013/ 0
0 94ms
34ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0013/7967.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:16:01 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 11:56:06 GMT
server: cloudflare
age: 40795
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 850edbd5d8a5bbfe-FRA
content-length: 0

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 79 KB
25 KB 80ms
20ms Script
text/javascript 2600:9000:2644:3800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:3800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27e585924f3db6517265179979c27808cb33658e219b1d8e225a4962a4ad5878

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

X-Amz-Version-Id: 7bIZtA3vA1YGNdQmI5EHSvjdsM2cxr79
Content-Encoding: gzip
Via: 1.1 6e4ed2b1996ce238462d61d3bfff667a.cloudfront.net (CloudFront)
Date: Mon, 05 Feb 2024 23:08:48 GMT
Age: 436
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 05 Feb 2024 13:08:47 GMT
Server: AmazonS3
Etag: W/"d66f58a9587afe0cc201aa313cfdfa3b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: PejG-X1mBcjJjuf2caqap1m9aKg89ghCf8ZDLe8BWMTR6ksHZNtgSg==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 117ms
36ms Script
application/javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 14:42:29 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=8849
accept-ranges: bytes
content-length: 15732

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 127ms
38ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:16:01 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-muc13976-MUC

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 105ms
48ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 05 Feb 2024 23:16:01 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8B06E994452641849DA1267B84738753 Ref B: FRAEDGE1721 Ref C: 2024-02-05T23:16:01Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/968725110/ 3 KB
2 KB 105ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968725110/?random=1707174961504&cv=11&fst=1707174961504&bg=ffffff&guid=ON&async=1&gtm=45He41v0v72387463za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&hn=www.googleadservices.com&frm=0&tiba=California%20Storms%3A%20Monitoring&npa=0&pscdl=noapi&auid=1056727834.1707174961&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

562dcbf2a6d5e0044573ed40d27537a512cd690c4ee819a08b4519db0e988e8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 23:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1275
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CKneoamqlYQDFfNIkQUd6ZsGSQ;src=10169194;type=hva1f0;cat=allpa0;ord=3088620910469;npa=0;auiddc=1056727834.1707174961;pscdl=noapi;gtm=45He41v0v72387463za200;gcd=13l3l3l3l1;dma_cps=sy... Show response
10169194.fls.doubleclick.net/ Frame 568B
Redirect Chain

https://10169194.fls.doubleclick.net/activityi;src=10169194;type=hva1f0;cat=allpa0;ord=3088620910469;npa=0;auiddc=1056727834.1707174961;pscdl=noapi;gtm=45He41v0v72387463za200;gcd=13l3l3l3l1;dma_cps...
https://10169194.fls.doubleclick.net/activityi;dc_pre=CKneoamqlYQDFfNIkQUd6ZsGSQ;src=10169194;type=hva1f0;cat=allpa0;ord=3088620910469;npa=0;auiddc=1056727834.1707174961;pscdl=noapi;gtm=45He41v0v72...

1020 B
941 B

65ms
63ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10169194.fls.doubleclick.net/activityi;dc_pre=CKneoamqlYQDFfNIkQUd6ZsGSQ;src=10169194;type=hva1f0;cat=allpa0;ord=3088620910469;npa=0;auiddc=1056727834.1707174961;pscdl=noapi;gtm=45He41v0v72387463za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

67c1527bd3f76087a8f672d6b0e74d8cf879f35d9dae92b614da5a2beab922e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://donate.teamrubiconusa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 509
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 23:16:01 GMT
expires: Mon, 05 Feb 2024 23:16:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 23:16:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10169194.fls.doubleclick.net/activityi;dc_pre=CKneoamqlYQDFfNIkQUd6ZsGSQ;src=10169194;type=hva1f0;cat=allpa0;ord=3088620910469;npa=0;auiddc=1056727834.1707174961;pscdl=noapi;gtm=45He41v0v72387463za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/824070334/ 3 KB
2 KB 147ms
67ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/824070334/?random=1707174961510&cv=11&fst=1707174961510&bg=ffffff&guid=ON&async=1&gtm=45He41v0v72387463za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&label=htU8COfJmd8BEL6h-YgD&hn=www.googleadservices.com&frm=0&tiba=California%20Storms%3A%20Monitoring&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1056727834.1707174961&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

c848614130b29593ef608918a9d88bec7553747be7d914863daa8c8b0e135d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 23:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1722
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 64ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 05 Feb 2024 23:16:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: Phbp2Vn05yqw0Uv0tcXKO7aooiLmJaIsrruKovvUDOmHSap+J+Qq1k3yXTjO/E5/T316hlTmMdoj/kBQcTBNNQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 181ms
33ms Script
application/javascript 41.63.96.130
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 41.63.96.130 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-41-63-96-130.hhn.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:16:01 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 466133
vary: accept-encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: 45b357fb621d1dbf75a97069cd93f705

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 27ms
27ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1392755873&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&ul=en-us&de=UTF-8&dt=California%20Storms%3A%20Monitoring&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAI~&jid=1954002257&gjid=1628740223&cid=225260262.1707174962&tid=UA-23186019-1&_gid=249111127.1707174962&_slc=1&gtm=45He41v0n71N2JKFXv72387463za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=632570453

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/build/static/js/12.dc454009.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.teamrubiconusa.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 23:16:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.teamrubiconusa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 83ms
28ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-23186019-1&cid=225260262.1707174962&jid=1954002257&gjid=1628740223&_gid=249111127.1707174962&_u=YGBAiEABBAAAAGAAI~&z=112049448

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/build/static/js/12.dc454009.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.teamrubiconusa.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Feb 2024 23:16:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.teamrubiconusa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

21ms
21ms

Script
application/javascript

2600:9000:2644:3800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
Protocol: HTTP/1.1
Server: 2600:9000:2644:3800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Mon, 05 Feb 2024 19:44:40 GMT
Via: 1.1 d72cc6b7011ac53cd6e4d65e0d9f5ac4.cloudfront.net (CloudFront)
Age: 12686
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ru4g6CXa6i9SUUk_BxreZJbSAbHMBeplQJZZAGKPnd5QGmGg0uvwAA==

Redirect headers

Date: Mon, 05 Feb 2024 23:16:01 GMT
Via: 1.1 6e4ed2b1996ce238462d61d3bfff667a.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P6
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: HHHG6cquamByD77tb2dgx6yO0iX3m_9L19eYydvLL7-Inwh6A7itkw==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI/ 0
805 B 647ms
608ms Script
text/javascript 2600:9000:2644:3800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:3800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

X-Amz-Version-Id: Se2Ca4eHaMTx2rmOEI_iX6XEugkpnRsq
Date: Mon, 05 Feb 2024 23:16:03 GMT
Via: 1.1 d72cc6b7011ac53cd6e4d65e0d9f5ac4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Sun, 04 Feb 2024 11:14:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Ys6UcCQajulDUbOCo6-8loQaxUCSJ0Wst1mmdCCXFn0Gty0lFfQt0w==

GET
H2 204 26039304.js Show response
bat.bing.com/p/action/ 0
115 B 47ms
47ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26039304.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 05 Feb 2024 23:16:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CEF310F6CAD04CCE8641140370876520 Ref B: FRAEDGE1721 Ref C: 2024-02-05T23:16:01Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 110ms
110ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26039304&tm=gtm002&Ver=2&mid=265a0b99-847b-4cc1-8609-2c124c94f352&sid=8711cbb0c47c11eebe419fd623cd44ed&vid=8711c7b0c47c11ee89ed738857aecd5e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=California%20Storms%3A%20Monitoring&p=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&r=&lt=3457&evt=pageLoad&sv=1&rn=438604

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Feb 2024 23:16:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 89EFECFD3BC141E4B5C1517E82B68BF3 Ref B: FRAEDGE1721 Ref C: 2024-02-05T23:16:01Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/968725110/ 42 B
455 B 80ms
32ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/968725110/?random=1707174961504&cv=11&fst=1707174000000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v72387463za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&frm=0&tiba=California%20Storms%3A%20Monitoring&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Fw04GfySbQoiiID4Jt5XpxKD9P24dg&random=2817533170&rmt_tld=0&ipr=y

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 23:16:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/968725110/ 42 B
455 B 83ms
34ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/968725110/?random=1707174961504&cv=11&fst=1707174000000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v72387463za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&frm=0&tiba=California%20Storms%3A%20Monitoring&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Fw04GfySbQoiiID4Jt5XpxKD9P24dg&random=2817533170&rmt_tld=1&ipr=y

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 23:16:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1707174961624&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1707174961624&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D80894%26time%3D1707174961624%26url%3Dhttps%253A%252F%252Fdonate.teamrubiconusa.or...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1707174961624&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1707174961624&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&cookiesTest=true&liSync=true&e_ipv6=AQLja2C...

0
265 B

276ms
204ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1707174961624&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&cookiesTest=true&liSync=true&e_ipv6=AQLja2CFSgihrgAAAY17jqTMCVmfpe11w3JfuEUgHYQN3J_91t3lH4C5c4OBUBZLlcVFjIo2NMCeDIDQEc1ZirF_-UpTvw
Requested by: Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:16:01 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 392E35189500497B9B331057C28773D2 Ref B: DUS30EDGE0921 Ref C: 2024-02-05T23:16:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQqqU30f2PIK+y6HarCQ==

Redirect headers

date: Mon, 05 Feb 2024 23:16:02 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C4D171D1E7794067AB1801AA1532CE28 Ref B: DUS30EDGE0421 Ref C: 2024-02-05T23:16:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1707174961624&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&cookiesTest=true&liSync=true&e_ipv6=AQLja2CFSgihrgAAAY17jqTMCVmfpe11w3JfuEUgHYQN3J_91t3lH4C5c4OBUBZLlcVFjIo2NMCeDIDQEc1ZirF_-UpTvw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQqqUzo+PlRbL5jbCnhg==

GET
H2 200 1589848707967354 Show response
connect.facebook.net/signals/config/ 61 KB
13 KB 121ms
120ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1589848707967354?v=2.9.145&r=stable&domain=donate.teamrubiconusa.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf7ee37f29c59822cf548a87f0439ab3e53ffddf04af130d4239e9065a6154f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 05 Feb 2024 23:16:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: St2wx2JNejZugambh4owIm3xEUBkl5U8PCUQKnxXMuX988lhkkIq+m0fi4DsIARia1IeR/rNqxHXWjXEdvtJlw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 170ms
123ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=561e01bd-5664-42e9-aff5-d2e0a691a5d2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=559e1f49-9203-4b75-a9ac-1e86eb647d16&tw_document_href=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny36y&type=javascript&version=2.3.29

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-response-time: 103
date: Mon, 05 Feb 2024 23:16:00 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e38804dfa5abbd40
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: a9a5e4a787a8081ef79c9e5bd4e6327cc40d19b8b1d253857a68cfab79d05a69
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 181ms
124ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=561e01bd-5664-42e9-aff5-d2e0a691a5d2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=559e1f49-9203-4b75-a9ac-1e86eb647d16&tw_document_href=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny36y&type=javascript&version=2.3.29

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-response-time: 104
date: Mon, 05 Feb 2024 23:16:01 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c1e9f70089dc63da
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: c6658673c4311021154ed858db94be62a582566bee3fa6934c39cc3afb9f901e
content-length: 43

GET
H/1.1 200
OK 7.4b83299d.chunk.js Show response
donate.teamrubiconusa.org/build/static/js/ 3 KB
4 KB 193ms
193ms Script
text/javascript 40.112.243.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.teamrubiconusa.org/build/static/js/7.4b83299d.chunk.js

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.112.243.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

7bf03b4c14d6eb606d6191ee4937e3892c1ca6f94b5c791c58043b4be527150c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 23:16:01 GMT
Strict-Transport-Security: max-age=2592000
Last-Modified: Fri, 19 Jan 2024 02:36:28 GMT
Server: Kestrel
ETag: "1da4a804da85358"
Content-Type: text/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 3416
Request-Context: appId=cid-v1:42889871-8d00-4bf5-8208-0e829c93316f

GET
H/1.1 200
OK ProximaNova-Regular.woff
donate.teamrubiconusa.org/build/assets/fonts/tr/ 73 KB
73 KB 196ms
195ms Font
application/font-woff 40.112.243.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.teamrubiconusa.org/build/assets/fonts/tr/ProximaNova-Regular.woff

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.112.243.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

39c1a56518222b5fbcfac9d82618a8c63d53b4528648b78e28a8ce4914ede415

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
Origin: https://donate.teamrubiconusa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 23:16:01 GMT
Strict-Transport-Security: max-age=2592000
Last-Modified: Fri, 19 Jan 2024 02:34:00 GMT
Server: Kestrel
ETag: "1da4a7ff570786c"
Content-Type: application/font-woff
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 74860
Request-Context: appId=cid-v1:42889871-8d00-4bf5-8208-0e829c93316f

GET
H/1.1 200
OK MissionCRM_Label.fa23e274.svg
donate.teamrubiconusa.org/build/static/media/ 7 KB
7 KB 191ms
191ms Image
image/svg+xml 40.112.243.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.teamrubiconusa.org/build/static/media/MissionCRM_Label.fa23e274.svg

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.112.243.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f47d565ab6a6d0343981da572d1403cff2d08405f28e3a8b3ab6c02519bd8b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 23:16:01 GMT
Strict-Transport-Security: max-age=2592000
Last-Modified: Fri, 19 Jan 2024 02:36:28 GMT
Server: Kestrel
ETag: "1da4a804da845c0"
Content-Type: image/svg+xml
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 7104
Request-Context: appId=cid-v1:42889871-8d00-4bf5-8208-0e829c93316f

GET
H/1.1 200
OK Klavika-Regular.woff
donate.teamrubiconusa.org/build/assets/fonts/tr/ 42 KB
42 KB 186ms
186ms Font
application/font-woff 40.112.243.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.teamrubiconusa.org/build/assets/fonts/tr/Klavika-Regular.woff

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.112.243.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c8fb08e7c69390ce0d52c3e2201ab8991ea7b53194bd1dc86ca38f924e529a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
Origin: https://donate.teamrubiconusa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 23:16:01 GMT
Strict-Transport-Security: max-age=2592000
Last-Modified: Fri, 19 Jan 2024 02:34:00 GMT
Server: Kestrel
ETag: "1da4a7ff571fbac"
Content-Type: application/font-woff
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 42924
Request-Context: appId=cid-v1:42889871-8d00-4bf5-8208-0e829c93316f

GET
H/1.1 200
OK dms%20ca%2024_2.jpg
trstorageprod.blob.core.windows.net/imagecontainer/original/ 128 KB
129 KB 786ms
199ms Image
application/octet-stream 52.239.163.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trstorageprod.blob.core.windows.net/imagecontainer/original/dms%20ca%2024_2.jpg
Requested by: Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.163.100 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: edf7cdadde14bd66d402373d620dcf2f8019d83b8f62401a45a9cc0bad44fcfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 05 Feb 2024 23:16:01 GMT
Last-Modified: Mon, 05 Feb 2024 20:29:53 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: sbwMS4P3sH44uALN2B8n5Q==
ETag: 0x8DC26893587A4AF
Content-Type: application/octet-stream
x-ms-request-id: 542b2bc1-301e-0029-3c89-5822b1000000
x-ms-version: 2009-09-19
Content-Length: 131298

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23186019-1&cid=225260262.1707174962&jid=1954002257&_u=YGBAiEABBAAAAGAAI~&z=571705483

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 23:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23186019-1&cid=225260262.1707174962&jid=1954002257&_u=YGBAiEABBAAAAGAAI~&z=571705483

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 23:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Z4UBGHYDBFC6TJJ5DLFHXE Show response
d.adroll.com/consent/check/ 495 B
588 B 140ms
44ms Script
application/javascript 2a05:d018:cc3:fe04:c127:111a:2add:1285
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/Z4UBGHYDBFC6TJJ5DLFHXE?pv=84856946034.34042&arrfrr=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&_s=151bcd8913738531116e1164507171c1&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:c127:111a:2add:1285 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 78266c2d1a33d6c903bebb393e959ffb27148fa2de527e0ae69fd4e17b83c055

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:16:01 GMT
server: nginx/1.22.1
content-length: 495
content-type: application/javascript

GET
H3

200

/
www.google.de/pagead/1p-conversion/824070334/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/824070334/?random=851217206&cv=11&fst=1707174961510&bg=ffffff&guid=ON&async=1&gtm=45He41v0v72387463za200&gcd=13l3l3l3l1&dma_cps=syph...
https://www.google.com/pagead/1p-conversion/824070334/?random=851217206&cv=11&fst=1707174961510&bg=ffffff&guid=ON&async=1&gtm=45He41v0v72387463za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h...
https://www.google.de/pagead/1p-conversion/824070334/?random=851217206&cv=11&fst=1707174961510&bg=ffffff&guid=ON&async=1&gtm=45He41v0v72387463za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=...

42 B
64 B

38ms
38ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/824070334/?random=851217206&cv=11&fst=1707174961510&bg=ffffff&guid=ON&async=1&gtm=45He41v0v72387463za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&label=htU8COfJmd8BEL6h-YgD&hn=www.googleadservices.com&frm=0&tiba=California%20Storms%3A%20Monitoring&value=0&npa=0&pscdl=noapi&auid=1056727834.1707174961&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&pscrd=Ek9DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUkltQUZLSW82Qk1xVktUdnNjX1JBQ1BlXzBsdVlob19tZUR3Z3Q2SWIxMDVSeTA0aWRscno4GlpDaEVJZ0t1Q3JnWVFzZURXdWUzUDVOXzVBUkl1QUxsSkQ0QXZhNjBBT3lkajNnZU9FZ0FGTkIyREZXOXJmRTRXQmczWGhMc21RNDdEazB0N3NkaTM0blRCY3ciEwiz1KCpqpWEAxVTUJEFHbzvClsyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&ocp_id=MWzBZfP3JdOgxdwPvN-r2AU&cid=CAQSKQAvHhf_4pGIaTuGGg4boJWPJkdbrjU9-GVlcUde-510uy6pQhYI8ods&eitems=ChAIgKuCrgYQ1M_J3drP3IQhEh0AnTytr8aFbDYc_HPk6q_AqQPavcCG8TWL7daRnA&random=1967725912&ipr=y

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 23:16:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Feb 2024 23:16:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/824070334/?random=851217206&cv=11&fst=1707174961510&bg=ffffff&guid=ON&async=1&gtm=45He41v0v72387463za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&label=htU8COfJmd8BEL6h-YgD&hn=www.googleadservices.com&frm=0&tiba=California%20Storms%3A%20Monitoring&value=0&npa=0&pscdl=noapi&auid=1056727834.1707174961&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQII7LuxAg&pscrd=Ek9DaEVJZ0t1Q3JnWVE1ZWotdUtiVWxNSDJBUkltQUZLSW82Qk1xVktUdnNjX1JBQ1BlXzBsdVlob19tZUR3Z3Q2SWIxMDVSeTA0aWRscno4GlpDaEVJZ0t1Q3JnWVFzZURXdWUzUDVOXzVBUkl1QUxsSkQ0QXZhNjBBT3lkajNnZU9FZ0FGTkIyREZXOXJmRTRXQmczWGhMc21RNDdEazB0N3NkaTM0blRCY3ciEwiz1KCpqpWEAxVTUJEFHbzvClsyAggDMgIIBDICCAcyAggIMgIICTICCAoyAggC&is_vtc=1&ocp_id=MWzBZfP3JdOgxdwPvN-r2AU&cid=CAQSKQAvHhf_4pGIaTuGGg4boJWPJkdbrjU9-GVlcUde-510uy6pQhYI8ods&eitems=ChAIgKuCrgYQ1M_J3drP3IQhEh0AnTytr8aFbDYc_HPk6q_AqQPavcCG8TWL7daRnA&random=1967725912&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 568B 5 KB
3 KB 90ms
20ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: 10169194.fls.doubleclick.net
URL: https://10169194.fls.doubleclick.net/activityi;dc_pre=CKneoamqlYQDFfNIkQUd6ZsGSQ;src=10169194;type=hva1f0;cat=allpa0;ord=3088620910469;npa=0;auiddc=1056727834.1707174961;pscdl=noapi;gtm=45He41v0v72387463za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10169194.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 07:53:59 GMT
Content-Encoding: gzip
Via: 1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Jan 2024 00:44:59 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 56834
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: blJYkQtNffKPEzPoRPzph9OWQvQ6kYgqXeTQFp05u6Ck09n5uUaECw==

GET
H2 200 dc_pre=CKneoamqlYQDFfNIkQUd6ZsGSQ;src=10169194;type=hva1f0;cat=allpa0;ord=3088620910469;npa=0;auiddc=*;pscdl=noapi;gtm=45He41v0v72387463za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;ua...
adservice.google.com/ddm/fls/z/ Frame 568B 42 B
401 B 122ms
59ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKneoamqlYQDFfNIkQUd6ZsGSQ;src=10169194;type=hva1f0;cat=allpa0;ord=3088620910469;npa=0;auiddc=*;pscdl=noapi;gtm=45He41v0v72387463za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F

Requested by

Host: 10169194.fls.doubleclick.net
URL: https://10169194.fls.doubleclick.net/activityi;dc_pre=CKneoamqlYQDFfNIkQUd6ZsGSQ;src=10169194;type=hva1f0;cat=allpa0;ord=3088620910469;npa=0;auiddc=1056727834.1707174961;pscdl=noapi;gtm=45He41v0v72387463za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10169194.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 23:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 63ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1589848707967354&ev=PageView&dl=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F&rl=&if=false&ts=1707174961763&sw=1600&sh=1200&v=2.9.145&r=stable&ec=0&o=4126&fbp=fb.1.1707174961762.1751312053&cs_est=true&ler=empty&cdl=API_unavailable&it=1707174961632&coo=false&exp=e1&rqm=GET

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 05 Feb 2024 23:16:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK 81.d6ece4c7.chunk.js Show response
donate.teamrubiconusa.org/build/static/js/ 220 B
575 B 191ms
191ms Script
text/javascript 40.112.243.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.teamrubiconusa.org/build/static/js/81.d6ece4c7.chunk.js

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.112.243.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2f0590669bdffd22628d3d72f0559ffe09f331c4bfccd2e640ce3151c91ced2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 23:16:01 GMT
Strict-Transport-Security: max-age=2592000
Last-Modified: Fri, 19 Jan 2024 02:36:28 GMT
Server: Kestrel
ETag: "1da4a804da85edc"
Content-Type: text/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 220
Request-Context: appId=cid-v1:42889871-8d00-4bf5-8208-0e829c93316f

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 57A2 0
60 B 154ms
53ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=mn7ndva&ref=https%3A%2F%2Fdonate.teamrubiconusa.org%2F&upid=3y599rv&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://10169194.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Mon, 05 Feb 2024 23:16:01 GMT
server: Kestrel

GET
H/1.1 200
OK tr-logo.2f681e4c.png
donate.teamrubiconusa.org/build/static/media/ 15 KB
16 KB 192ms
192ms Image
image/png 40.112.243.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.teamrubiconusa.org/build/static/media/tr-logo.2f681e4c.png

Requested by

Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.112.243.1 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

066b3fdcaad3ccf699dbf15074461f7413af763f26333692bf049d9195dbce5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 23:16:01 GMT
Strict-Transport-Security: max-age=2592000
Last-Modified: Fri, 19 Jan 2024 02:36:28 GMT
Server: Kestrel
ETag: "1da4a804da863bc"
Content-Type: image/png
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 15804
Request-Context: appId=cid-v1:42889871-8d00-4bf5-8208-0e829c93316f

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame A436 0
0 98ms
29ms Document
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://donate.teamrubiconusa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Mon, 05 Feb 2024 23:16:02 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

GET
H2 200 141bc6c012cd9ab0
pixel.sitescout.com/up/ 43 B
267 B 102ms
32ms Image
image/gif 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/141bc6c012cd9ab0?cntr_url=https%3A%2F%2Fdonate.teamrubiconusa.org%2FDonation%2Ffeb-ca-storms-24%2F
Requested by: Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 23:16:01 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
202 B 202ms
201ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: donate.teamrubiconusa.org
URL: https://donate.teamrubiconusa.org/build/static/js/12.dc454009.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://donate.teamrubiconusa.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 05 Feb 2024 23:16:02 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9D8C9B0AC6F74928B70EDFB010AAB102 Ref B: DUS30EDGE0421 Ref C: 2024-02-05T23:16:02Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://donate.teamrubiconusa.org
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYQqqU69fhT7wIoB5SnFg==

GET
H2 200 btt.js Show response
teamrubicon3276931z.btttag.com/ 56 B
331 B 97ms
43ms Script
application/javascript 2606:4700:10::ac43:25d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://teamrubicon3276931z.btttag.com/btt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:25d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c271e6fee3e704d382c2d70f4bdcf9e714ecb7f637593e7d1832e5f6cdc6bb2d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.teamrubiconusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 23:16:03 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 05 Feb 2024 23:16:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 850edbdf98022c3a-FRA
content-length: 76
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.trusa.co/	1970-01-20 22:32:06	Name: _bit Value: o15nfW-c538bf98b854cf25fa-00H
.donate.teamrubiconusa.org/	1969-12-31 23:59:59	Name: ARRAffinity Value: 966e5aebfb9ffb149f5a6c7191731a1698b767ceeba988f08260d6ff49aa270e
.donate.teamrubiconusa.org/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 966e5aebfb9ffb149f5a6c7191731a1698b767ceeba988f08260d6ff49aa270e
.teamrubiconusa.org/	1970-01-20 20:22:30	Name: _gcl_au Value: 1.1.1056727834.1707174961
.teamrubiconusa.org/	1970-01-21 03:48:54	Name: _ga Value: GA1.2.225260262.1707174962
.teamrubiconusa.org/	1970-01-20 18:14:21	Name: _gid Value: GA1.2.249111127.1707174962
.teamrubiconusa.org/	1970-01-20 18:12:55	Name: _dc_gtm_UA-23186019-1 Value: 1
.teamrubiconusa.org/	1970-01-20 18:14:21	Name: _uetsid Value: 8711cbb0c47c11eebe419fd623cd44ed
.teamrubiconusa.org/	1970-01-21 03:34:30	Name: _uetvid Value: 8711c7b0c47c11ee89ed738857aecd5e
.bing.com/	1970-01-21 03:34:30	Name: MUID Value: 12B679A62B826BEE2E146DBA2A826A13
.doubleclick.net/	1970-01-21 03:34:30	Name: IDE Value: AHWqTUkrYEPdPO4yQP0TGvuEIo4H8XLcfPAD399NITgd0tNHgG1LEIrxMENFKRGxtzU
.doubleclick.net/	1970-01-20 22:32:06	Name: receive-cookie-deprecation Value: 1
.teamrubiconusa.org/	1970-01-20 20:22:30	Name: _fbp Value: fb.1.1707174961762.1751312053
.t.co/	1970-01-21 03:48:54	Name: muc_ads Value: bcb704a2-10d8-4c9d-83e0-c23abce619da
.twitter.com/	1970-01-21 03:48:54	Name: personalization_id Value: "v1_W0hg+SjdFQiUJoCseG7SBQ=="
.linkedin.com/	1970-01-20 20:22:30	Name: li_sugr Value: e3e580d5-0785-416c-985b-459fd4c269dc
.linkedin.com/	1970-01-21 02:58:30	Name: bcookie Value: "v=2&f68cbc47-3029-4108-883c-1aebe9a61df7"
.linkedin.com/	1970-01-20 18:14:21	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3119:u=1:x=1:i=1707174961:t=1707261361:v=2:sig=AQHhjWmTMZpQSmWmERpHGgOYpWEtZkUs"
.linkedin.com/	1970-01-20 18:56:06	Name: UserMatchHistory Value: AQI_9QpQc_dYjQAAAY17jqM8OwH_tbPNdUb3_ZTDOxlswy0t67TMLd4e1ADSLLZ7zp9aO5fA2EeC6g
.linkedin.com/	1970-01-20 18:56:06	Name: AnalyticsSyncHistory Value: AQLCtCkzCOcBwgAAAY17jqM82Gd4J_DcH5kETOjmL2mJjODHK-zI3a_0ULigr8sISNztOF3mWFVZxiDLxt2M5g
.www.linkedin.com/	1970-01-21 02:58:30	Name: bscookie Value: "v=1&2024020523160286731d7f-f579-443c-8f39-de0c8975c6fbAQEDtsn3yI5Mxr625gQ8LS2A9alLnN5k"
.linkedin.com/	1970-01-20 22:32:06	Name: li_gc Value: MTswOzE3MDcxNzQ5NjI7MjswMjEBZ57yOT47soS8gSw1j9EGjjUTeZO8q4RywM0UpBjAZg==

45 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0013/7967.js Message: Failed to load resource: the server responded with a status of 410 ()
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1589848707967354?v=2.9.145&r=stable&domain=donate.teamrubiconusa.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://donate.teamrubiconusa.org/Donation/feb-ca-storms-24/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10169194.fls.doubleclick.net
adservice.google.com
analytics.twitter.com
bat.bing.com
connect.facebook.net
d.adroll.com
donate.teamrubiconusa.org
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
pixel.sitescout.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
script.crazyegg.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
teamrubicon3276931z.btttag.com
trstorageprod.blob.core.windows.net
trusa.co
up.pixel.ad
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.244.42.197
104.244.42.3
108.138.15.119
13.107.42.14
142.250.186.66
142.250.186.70
199.232.188.157
2600:9000:2644:3800:6:9280:1080:93a1
2606:4700:10::ac43:25d2
2606:4700::6813:9308
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
2a02:26f0:3500:16::215:148d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:cc3:fe04:c127:111a:2add:1285
35.71.131.137
40.112.243.1
41.63.96.130
52.239.163.100
67.199.248.13
98.98.134.241
025c05cc0d035f49273129dfbaf4e0d0c69428c875d645c11bce4eb95f5d7ab3
066b3fdcaad3ccf699dbf15074461f7413af763f26333692bf049d9195dbce5e
0cabb436af3318f77d6b0b0952e550587952f740f43a201994c313fcb8028b1a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23c546d82404096aa39836095ac4f55e1892d3df65fff06cacee639c2a5e4620
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
27e585924f3db6517265179979c27808cb33658e219b1d8e225a4962a4ad5878
2f0590669bdffd22628d3d72f0559ffe09f331c4bfccd2e640ce3151c91ced2d
39c1a56518222b5fbcfac9d82618a8c63d53b4528648b78e28a8ce4914ede415
402631f4051d81838daa73791bb44f171c26bd0f42e9df7622ca3b9ec3c004eb
562dcbf2a6d5e0044573ed40d27537a512cd690c4ee819a08b4519db0e988e8a
5aa92eb0465474efbbbe95bf854eb8013ca94b1b973efae52fa9b5160ca06cb7
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
621822d84586a1a66906c95c120670f77a41da5547e6a1aa581200e80a121a93
67c1527bd3f76087a8f672d6b0e74d8cf879f35d9dae92b614da5a2beab922e2
78266c2d1a33d6c903bebb393e959ffb27148fa2de527e0ae69fd4e17b83c055
7bf03b4c14d6eb606d6191ee4937e3892c1ca6f94b5c791c58043b4be527150c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
9d302ed70c55906569cac29cddb826b1e19b8339306166d31310230ac4291a58
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
c271e6fee3e704d382c2d70f4bdcf9e714ecb7f637593e7d1832e5f6cdc6bb2d
c848614130b29593ef608918a9d88bec7553747be7d914863daa8c8b0e135d0a
c8fb08e7c69390ce0d52c3e2201ab8991ea7b53194bd1dc86ca38f924e529a0f
cf7ee37f29c59822cf548a87f0439ab3e53ffddf04af130d4239e9065a6154f5
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edf7cdadde14bd66d402373d620dcf2f8019d83b8f62401a45a9cc0bad44fcfd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47d565ab6a6d0343981da572d1403cff2d08405f28e3a8b3ab6c02519bd8b68
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

donate.teamrubiconusa.org Open in urlscan Pro 40.112.243.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

94 %HTTPS

55 %IPv6

23 Domains

30 Subdomains

28 IPs

4 Countries

3856 kBTransfer

4521 kBSize

22 Cookies

1 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

donate.teamrubiconusa.org Open in urlscan Pro
40.112.243.1 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

94 %
HTTPS

55 %
IPv6

23
Domains

30
Subdomains

28
IPs

4
Countries

3856 kB
Transfer

4521 kB
Size

22
Cookies

50 HTTP transactions
0 data transactions