urlscan.io logo urlscan.io
SecurityTrails logo

www.marchofdimes.org Open in urlscan Pro
2606:4700:10::6816:4345  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadO...
Effective URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_...
Submission: On January 02 via manual from MX — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 108 IPs in 9 countries across 88 domains to perform 489 HTTP transactions. The main IP is 2606:4700:10::6816:4345, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.marchofdimes.org. The Cisco Umbrella rank of the primary domain is 689120.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2023. Valid for: a year.
This is the only time www.marchofdimes.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.17.71.206 13335 (CLOUDFLAR...)
17 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
22 172.67.72.38 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 108.157.1.118 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 151.101.129.44 54113 (FASTLY)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
12 2620:1ec:c11:... 8068 (MICROSOFT...)
3 6 216.58.206.38 15169 (GOOGLE)
8 2620:116:800d... 16509 (AMAZON-02)
2 2.19.106.209 16625 (AKAMAI-AS)
6 2a03:2880:f08... 32934 (FACEBOOK)
1 104.18.13.242 13335 (CLOUDFLAR...)
2 5 142.250.181.230 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
6 2.16.110.67 20940 (AKAMAI-ASN1)
1 108.157.194.91 16509 (AMAZON-02)
1 37.157.5.72 198622 (ADFORM)
4 2600:9000:223... 16509 (AMAZON-02)
7 8 2620:1ec:21::14 8068 (MICROSOFT...)
2 13.107.42.14 8068 (MICROSOFT...)
2 3.33.220.150 16509 (AMAZON-02)
3 2001:4860:480... 15169 (GOOGLE)
4 64.202.112.127 22075 (AS-OUTBRAIN)
44 104.26.5.251 13335 (CLOUDFLAR...)
61 18.154.63.14 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
3 2a03:2880:f17... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
6 11 185.89.210.122 29990 (ASN-APPNEX)
3 52.86.238.173 14618 (AMAZON-AES)
2 154.59.122.94 174 (COGENT-174)
2 72.44.44.12 14618 (AMAZON-AES)
2 2a02:2638:3::e 44788 (ASN-CRITE...)
8 18.193.153.136 16509 (AMAZON-02)
1 40.160.4.235 16276 (OVH)
1 2a04:4e42:400... 54113 (FASTLY)
1 2 185.167.164.43 198622 (ADFORM)
6 151.101.65.21 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
6 10 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 188.114.97.3 13335 (CLOUDFLAR...)
57 54.186.23.98 16509 (AMAZON-02)
2 2a02:26f0:780... 20940 (AKAMAI-ASN1)
7 151.101.192.176 54113 (FASTLY)
3 192.229.221.25 15133 (EDGECAST)
2 151.101.1.35 54113 (FASTLY)
2 6 178.250.1.9 44788 (ASN-CRITE...)
2 74.119.119.150 19750 (AS-CRITEO)
4 34.209.252.180 16509 (AMAZON-02)
2 9 37.157.5.133 198622 (ADFORM)
6 37.157.4.29 198622 (ADFORM)
1 198.202.176.81 16509 (AMAZON-02)
3 52.211.145.149 16509 (AMAZON-02)
3 23.213.165.82 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
1 18.196.5.91 16509 (AMAZON-02)
3 89.149.192.201 60781 (LEASEWEB-...)
1 2607:ae80:4::26 26558 (FREEWHEEL)
3 3.123.203.242 16509 (AMAZON-02)
1 4 172.64.151.101 13335 (CLOUDFLAR...)
6 7 77.243.51.121 42697 (NETIC-AS)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
6 6 142.250.185.162 15169 (GOOGLE)
1 3.127.178.105 16509 (AMAZON-02)
2 2 54.78.254.47 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 34.248.85.3 16509 (AMAZON-02)
2 72.246.169.24 16625 (AKAMAI-AS)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 1 54.194.99.174 16509 (AMAZON-02)
1 52.218.37.107 16509 (AMAZON-02)
4 5 89.163.155.32 24961 (MYLOC-AS ...)
1 1 91.210.226.74 ()
1 1 139.162.141.41 ()
3 34.240.241.48 16509 (AMAZON-02)
3 185.64.191.210 62713 (AS-PUBMATIC)
1 65.9.66.72 16509 (AMAZON-02)
2 3 54.170.164.95 16509 (AMAZON-02)
4 6 52.17.48.145 16509 (AMAZON-02)
1 1 18.239.69.20 16509 (AMAZON-02)
2 2 52.28.24.250 16509 (AMAZON-02)
3 162.19.138.119 16276 (OVH)
2 2 35.190.24.218 15169 (GOOGLE)
3 23.218.209.56 16625 (AKAMAI-AS)
1 2600:9000:211... 16509 (AMAZON-02)
1 46.19.11.36 51790 (SIEL)
3 76.223.111.18 16509 (AMAZON-02)
2 52.57.138.113 16509 (AMAZON-02)
2 95.101.148.20 16625 (AKAMAI-AS)
2 69.173.144.165 26667 (RUBICONPR...)
4 141.226.228.48 200478 (TABOOLA-AS)
4 3.75.62.37 16509 (AMAZON-02)
2 23.50.131.84 20940 (AKAMAI-ASN1)
2 46.137.112.167 16509 (AMAZON-02)
2 34.117.157.22 396982 (GOOGLE-CL...)
2 18.196.116.41 16509 (AMAZON-02)
2 54.165.111.121 14618 (AMAZON-AES)
2 70.42.32.223 13789 (INTERNAP-...)
2 35.156.199.89 16509 (AMAZON-02)
2 2600:1f18:612... 14618 (AMAZON-AES)
2 85.215.5.31 6786 (CRONON-BE...)
1 54.216.105.108 16509 (AMAZON-02)
4 2a00:1450:401... 15169 (GOOGLE)
5 104.19.218.90 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.19.219.90 13335 (CLOUDFLAR...)
489 108
1    104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)
go.marchofdimes.org
17    2606:4700:10::6816:4345 (United States)

ASN13335 (CLOUDFLARENET, US)
www.marchofdimes.org
give.marchofdimes.org
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
10    2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
22    172.67.72.38 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.fundraiseup.com
static.fundraiseup.com
api.fundraiseup.com
5    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
fndrsp.net
1    108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net
js.adsrvr.org
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
12    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
6    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f6.1e100.net
8832015.fls.doubleclick.net
8    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    2.19.106.209 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-106-209.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
6    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.18.13.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
5    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
13    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
play.google.com
6    2.16.110.67 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-110-67.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    108.157.194.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-194-91.mxp53.r.cloudfront.net
js.ipredictive.com
1    37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
4    2600:9000:223c:2e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
8    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
44    104.26.5.251 (None, )

ASN13335 (CLOUDFLARENET, US)
static.fundraiseup.com
api.fundraiseup.com
61    18.154.63.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-14.dus51.r.cloudfront.net
js.stripe.com
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
11    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
ib.adnxs.com
3    52.86.238.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-238-173.compute-1.amazonaws.com
ad.ipredictive.com
2    154.59.122.94 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
e.acuityplatform.com
2    72.44.44.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-44-12.compute-1.amazonaws.com
px.adentifi.com
2    2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
8    18.193.153.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
tags.srv.stackadapt.com
1    40.160.4.235 (United States)

ASN16276 (OVH, FR)
sentry.fundraiseup.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
2    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
a2.adform.net
6    151.101.65.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
10    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
fndrsp-checkout.net
57    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
r.stripe.com
2    2a02:26f0:780::210:a40a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ucarecdn.com
7    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
b.stripecdn.com
3    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    151.101.1.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
6    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
4    34.209.252.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-252-180.us-west-2.compute.amazonaws.com
m.stripe.com
9    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
a1.seadform.net
dmp.adform.net
cm.adform.net
1    198.202.176.81 (United States)

ASN16509 (AMAZON-02, US)
merchant-ui-api.stripe.com
3    52.211.145.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-145-149.eu-west-1.compute.amazonaws.com
ad.360yield.com
3    23.213.165.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-82.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    18.196.5.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-5-91.eu-central-1.compute.amazonaws.com
ih.adscale.de
3    89.149.192.201 (Bunschoten, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
rtb-csync.smartadserver.com
1    2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
3    3.123.203.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-203-242.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
r.casalemedia.com
7    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
se.semasio.net
2    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
6    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
1    3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    34.248.85.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-85-3.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
eu-u.openx.net
1    54.194.99.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-99-174.eu-west-1.compute.amazonaws.com
api.adrtx.net
1    52.218.37.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
5    89.163.155.32 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm50.as.net
cm.adsafety.net
1    91.210.226.74 (None, )

ASN- ()
ads.smartstream.tv
1    139.162.141.41 (None, )

ASN- ()
tags.adsafety.net
3    34.240.241.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-241-48.eu-west-1.compute.amazonaws.com
beacon.krxd.net
3    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    65.9.66.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-72.fra56.r.cloudfront.net
pdw-adf.userreport.com
3    54.170.164.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-164-95.eu-west-1.compute.amazonaws.com
a.audrte.com
6    52.17.48.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-48-145.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.239.69.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-20.ams58.r.cloudfront.net
aa.agkn.com
2    52.28.24.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-24-250.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    35.190.24.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
3    23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com
sync.teads.tv
criteo-sync.teads.tv
1    2600:9000:211e:0:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si
match.contentexchange.me
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    52.57.138.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-138-113.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
2    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
trc-events.taboola.com
4    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    23.50.131.84 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-84.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    46.137.112.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-112-167.eu-west-1.compute.amazonaws.com
visitor.omnitagjs.com
2    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
2    18.196.116.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-116-41.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
2    54.165.111.121 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-111-121.compute-1.amazonaws.com
jadserve.postrelease.com
2    70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    35.156.199.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-199-89.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2600:1f18:612b:4200:cf3b:d950:bab4:515a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
2    85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    54.216.105.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-105-108.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
4    2a00:1450:4013:c04::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
pay.google.com
5    104.19.218.90 (None, )

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
newassets.hcaptcha.com
api2.hcaptcha.com
api.hcaptcha.com
4    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)
newassets.hcaptcha.com
Apex Domain
Subdomains		 Transfer
123 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2656
q.stripe.com — Cisco Umbrella Rank: 13887
r.stripe.com — Cisco Umbrella Rank: 6573
m.stripe.com — Cisco Umbrella Rank: 2365
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 12870
2 MB
67 fundraiseup.com
cdn.fundraiseup.com — Cisco Umbrella Rank: 59411
static.fundraiseup.com — Cisco Umbrella Rank: 54477
api.fundraiseup.com — Cisco Umbrella Rank: 179449
sentry.fundraiseup.com — Cisco Umbrella Rank: 202515
1 MB
21 google.com
adservice.google.com — Cisco Umbrella Rank: 189
www.google.com — Cisco Umbrella Rank: 6
pay.google.com — Cisco Umbrella Rank: 3910
play.google.com — Cisco Umbrella Rank: 95
424 KB
20 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4009
gum.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 1867
sslwidget.criteo.com — Cisco Umbrella Rank: 2480
widget.us.criteo.com — Cisco Umbrella Rank: 27168
dis.criteo.com — Cisco Umbrella Rank: 943
67 KB
20 doubleclick.net
8832015.fls.doubleclick.net — Cisco Umbrella Rank: 921481
ad.doubleclick.net — Cisco Umbrella Rank: 199
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
27 KB
18 marchofdimes.org
go.marchofdimes.org — Cisco Umbrella Rank: 581801
www.marchofdimes.org — Cisco Umbrella Rank: 689120
give.marchofdimes.org
390 KB
17 adform.net
s2.adform.net — Cisco Umbrella Rank: 7751
a2.adform.net — Cisco Umbrella Rank: 12667
c1.adform.net — Cisco Umbrella Rank: 1001
dmp.adform.net — Cisco Umbrella Rank: 4001
cm.adform.net — Cisco Umbrella Rank: 1664
42 KB
12 bing.com
bat.bing.com — Cisco Umbrella Rank: 692
54 KB
11 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 793
ib.adnxs.com — Cisco Umbrella Rank: 356
8 KB
10 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
www.linkedin.com — Cisco Umbrella Rank: 944
px4.ads.linkedin.com — Cisco Umbrella Rank: 7294
10 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 625
172 KB
9 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1255
trc.taboola.com — Cisco Umbrella Rank: 960
pips.taboola.com — Cisco Umbrella Rank: 1936
cds.taboola.com — Cisco Umbrella Rank: 2300
sync-t1.taboola.com — Cisco Umbrella Rank: 2152
trc-events.taboola.com — Cisco Umbrella Rank: 2320
25 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3050
t.paypal.com — Cisco Umbrella Rank: 3583
89 KB
8 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 4796
16 KB
8 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3674
tr.outbrain.com — Cisco Umbrella Rank: 3336
wave.outbrain.com — Cisco Umbrella Rank: 3465
sync.outbrain.com — Cisco Umbrella Rank: 1287
10 KB
8 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2137
pixel.quantserve.com — Cisco Umbrella Rank: 1736
39 KB
7 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2396
se.semasio.net — Cisco Umbrella Rank: 19184
4 KB
6 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 6229
newassets.hcaptcha.com — Cisco Umbrella Rank: 7636
api2.hcaptcha.com — Cisco Umbrella Rank: 18736
api.hcaptcha.com — Cisco Umbrella Rank: 7827
405 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
4 KB
6 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 17119
tags.adsafety.net
10 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 818
151 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
267 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
410 KB
4 gstatic.com
www.gstatic.com
101 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
170 B
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
r.casalemedia.com — Cisco Umbrella Rank: 2571
2 KB
4 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2891
32 KB
4 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1945
7 KB
4 ipredictive.com
js.ipredictive.com — Cisco Umbrella Rank: 29469
ad.ipredictive.com — Cisco Umbrella Rank: 8095
3 KB
3 stripecdn.com
b.stripecdn.com — Cisco Umbrella Rank: 18058
45 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 731
418 B
3 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2019
criteo-sync.teads.tv — Cisco Umbrella Rank: 3178
489 B
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 658
3 KB
3 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3399
2 KB
3 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
373 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1173
1012 B
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 3106
load77.exelator.com — Cisco Umbrella Rank: 6128
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
436 B
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004
489 B
3 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 744
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
692 B
3 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4236
705 B
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 995
595 B
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2512
33 KB
3 fndrsp-checkout.net
fndrsp-checkout.net — Cisco Umbrella Rank: 196518
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
234 B
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2259
insight.adsrvr.org — Cisco Umbrella Rank: 1095
match.adsrvr.org — Cisco Umbrella Rank: 594
3 KB
2 twiago.com
a.twiago.com — Cisco Umbrella Rank: 28126
306 B
2 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3791
795 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
69 B
2 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1607
845 B
2 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1753
2 KB
2 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 9290
359 B
2 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1124
769 B
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1385
638 B
2 media.net
contextual.media.net — Cisco Umbrella Rank: 1093
2 KB
2 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 3028
87 B
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14378
630 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1261
648 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2052
928 B
2 ucarecdn.com
ucarecdn.com — Cisco Umbrella Rank: 24308
14 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 4002
563 B
2 adentifi.com
px.adentifi.com — Cisco Umbrella Rank: 16453
69 B
2 acuityplatform.com
e.acuityplatform.com — Cisco Umbrella Rank: 33546
374 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1877
31 KB
2 fndrsp.net
fndrsp.net — Cisco Umbrella Rank: 55640
768 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3522
38 B
1 contentexchange.me
match.contentexchange.me — Cisco Umbrella Rank: 40489
49 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1035
236 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 973
646 B
1 userreport.com
pdw-adf.userreport.com — Cisco Umbrella Rank: 39122
444 B
1 smartstream.tv
ads.smartstream.tv
849 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
390 B
1 adrtx.net
api.adrtx.net — Cisco Umbrella Rank: 48841
407 B
1 openx.net
eu-u.openx.net — Cisco Umbrella Rank: 3669
264 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
265 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 764
98 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1645
344 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
638 B
1 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 5432
38 B
1 seadform.net
a1.seadform.net — Cisco Umbrella Rank: 44866
457 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
5 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 3722
50 KB
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 21734
96 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1429
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
1 KB
0 ib-ibi.com Failed
global.ib-ibi.com Failed
489 88
Domain Requested by
62 static.fundraiseup.com cdn.fundraiseup.com
static.fundraiseup.com
www.marchofdimes.org
61 js.stripe.com static.fundraiseup.com
js.stripe.com
34 r.stripe.com js.stripe.com
23 q.stripe.com go.marchofdimes.org
js.stripe.com
16 www.marchofdimes.org go.marchofdimes.org
www.marchofdimes.org
static.cloudflareinsights.com
12 play.google.com www.gstatic.com
12 bat.bing.com www.googletagmanager.com
bat.bing.com
8832015.fls.doubleclick.net
10 cdn.cookielaw.org www.marchofdimes.org
cdn.cookielaw.org
9 c1.adform.net 2 redirects a2.adform.net
c1.adform.net
8 gum.criteo.com 6 redirects dynamic.criteo.com
8 tags.srv.stackadapt.com 8832015.fls.doubleclick.net
tags.srv.stackadapt.com
7 ib.adnxs.com 4 redirects 8832015.fls.doubleclick.net
go.marchofdimes.org
6 dpm.demdex.net 4 redirects
6 cm.g.doubleclick.net 6 redirects
6 www.paypal.com static.fundraiseup.com
www.paypal.com
www.paypalobjects.com
6 px.ads.linkedin.com 5 redirects static.fundraiseup.com
6 analytics.tiktok.com go.marchofdimes.org
analytics.tiktok.com
6 connect.facebook.net go.marchofdimes.org
connect.facebook.net
8832015.fls.doubleclick.net
6 8832015.fls.doubleclick.net 3 redirects www.googletagmanager.com
5 cm.adsafety.net 4 redirects c1.adform.net
5 ad.doubleclick.net 2 redirects go.marchofdimes.org
5 www.googletagmanager.com www.marchofdimes.org
www.googletagmanager.com
4 www.gstatic.com pay.google.com
www.gstatic.com
4 pay.google.com static.fundraiseup.com
pay.google.com
go.marchofdimes.org
www.gstatic.com
4 ups.analytics.yahoo.com go.marchofdimes.org
4 dis.criteo.com
4 se.semasio.net 3 redirects c1.adform.net
4 m.stripe.com m.stripe.network
4 m.stripe.network js.stripe.com
m.stripe.network
4 secure.adnxs.com 2 redirects 8832015.fls.doubleclick.net
c1.adform.net
4 pixel.quantserve.com 8832015.fls.doubleclick.net
4 tr.outbrain.com amplify.outbrain.com
4 rules.quantcount.com secure.quantserve.com
4 secure.quantserve.com www.googletagmanager.com
8832015.fls.doubleclick.net
3 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
3 b.stripecdn.com js.stripe.com
b.stripecdn.com
3 eb2.3lift.com c1.adform.net
go.marchofdimes.org
3 id5-sync.com c1.adform.net
go.marchofdimes.org
3 dmp.adform.net c1.adform.net
3 a.audrte.com 2 redirects c1.adform.net
3 simage2.pubmatic.com c1.adform.net
go.marchofdimes.org
3 beacon.krxd.net c1.adform.net
3 uipglob.semasio.net 3 redirects
3 x.bidswitch.net c1.adform.net
go.marchofdimes.org
3 rtb-csync.smartadserver.com c1.adform.net
go.marchofdimes.org
3 ad.yieldlab.net c1.adform.net
go.marchofdimes.org
3 ad.360yield.com c1.adform.net
go.marchofdimes.org
3 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
3 fndrsp-checkout.net cdn.fundraiseup.com
3 ad.ipredictive.com 8832015.fls.doubleclick.net
js.ipredictive.com
3 adservice.google.com 8832015.fls.doubleclick.net
3 www.facebook.com 8832015.fls.doubleclick.net
3 region1.google-analytics.com www.googletagmanager.com
3 api.fundraiseup.com cdn.fundraiseup.com
static.fundraiseup.com
2 trc-events.taboola.com static.fundraiseup.com
2 a.twiago.com go.marchofdimes.org
2 criteo-partners.tremorhub.com go.marchofdimes.org
2 match.sharethrough.com go.marchofdimes.org
2 sync.outbrain.com go.marchofdimes.org
2 jadserve.postrelease.com go.marchofdimes.org
2 exchange.mediavine.com go.marchofdimes.org
2 matching.ivitrack.com go.marchofdimes.org
2 r.casalemedia.com go.marchofdimes.org
2 visitor.omnitagjs.com go.marchofdimes.org
2 cm.adform.net go.marchofdimes.org
2 hb.yahoo.net go.marchofdimes.org
2 criteo-sync.teads.tv go.marchofdimes.org
2 sync-t1.taboola.com go.marchofdimes.org
2 pixel.rubiconproject.com go.marchofdimes.org
2 contextual.media.net go.marchofdimes.org
2 e1.emxdgt.com c1.adform.net
2 redirect.frontend.weborama.fr 2 redirects
2 pm.w55c.net 2 redirects
2 tags.bluekai.com c1.adform.net
2 loadm.exelator.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects c1.adform.net
2 widget.us.criteo.com 8832015.fls.doubleclick.net
2 sslwidget.criteo.com 2 redirects
2 mug.criteo.com 8832015.fls.doubleclick.net
2 t.paypal.com www.marchofdimes.org
2 ucarecdn.com www.marchofdimes.org
2 www.google.de
2 www.google.com
2 a2.adform.net 1 redirects
2 dynamic.criteo.com 8832015.fls.doubleclick.net
2 px.adentifi.com 8832015.fls.doubleclick.net
2 e.acuityplatform.com 8832015.fls.doubleclick.net
2 googleads.g.doubleclick.net www.googletagmanager.com
2 px4.ads.linkedin.com 8832015.fls.doubleclick.net
2 www.linkedin.com 2 redirects
2 snap.licdn.com www.googletagmanager.com
8832015.fls.doubleclick.net
2 cdn.taboola.com www.googletagmanager.com
cdn.taboola.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fndrsp.net cdn.fundraiseup.com
1 api.hcaptcha.com newassets.hcaptcha.com
1 api2.hcaptcha.com newassets.hcaptcha.com
1 hcaptcha.com b.stripecdn.com
1 sync-criteo.ads.yieldmo.com
1 match.contentexchange.me c1.adform.net
1 s.ad.smaato.net c1.adform.net
1 sync.teads.tv c1.adform.net
1 match.adsrvr.org c1.adform.net
1 aa.agkn.com 1 redirects
1 pdw-adf.userreport.com c1.adform.net
1 tags.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 s3-eu-west-1.amazonaws.com c1.adform.net
1 api.adrtx.net 1 redirects
1 eu-u.openx.net c1.adform.net
1 sync.crwdcntrl.net c1.adform.net
1 idsync.rlcdn.com c1.adform.net
1 load77.exelator.com c1.adform.net
1 ps.eyeota.net c1.adform.net
1 ads.stickyadstv.com c1.adform.net
1 ih.adscale.de c1.adform.net
1 token.rubiconproject.com c1.adform.net
1 merchant-ui-api.stripe.com js.stripe.com
1 a1.seadform.net
1 cds.taboola.com static.fundraiseup.com
1 pips.taboola.com static.fundraiseup.com
1 sentry.fundraiseup.com static.fundraiseup.com
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 pagead2.googlesyndication.com ad.doubleclick.net
1 wave.outbrain.com amplify.outbrain.com
1 insight.adsrvr.org js.adsrvr.org
1 trc.taboola.com cdn.taboola.com
1 s2.adform.net go.marchofdimes.org
1 js.ipredictive.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 cdn.resonate.com go.marchofdimes.org
1 amplify.outbrain.com www.googletagmanager.com
1 js.adsrvr.org www.googletagmanager.com
1 cdn.fundraiseup.com go.marchofdimes.org
1 give.marchofdimes.org www.marchofdimes.org
1 static.cloudflareinsights.com www.marchofdimes.org
1 fonts.googleapis.com www.marchofdimes.org
1 go.marchofdimes.org
0 global.ib-ibi.com Failed c1.adform.net
489 139
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-15 -
2024-04-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
fundraiseup.com
Cloudflare Inc ECC CA-3		 2023-05-22 -
2024-05-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-11 -
2024-01-09		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.ipredictive.com
Amazon RSA 2048 M02		 2023-03-14 -
2024-04-11		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.acuityplatform.com
Go Daddy Secure Certificate Authority - G2		 2023-04-13 -
2024-05-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-09-09 -
2024-10-07		 a year crt.sh
sentry.fundraiseup.com
R3		 2023-12-30 -
2024-03-29		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-13 -
2024-08-20		 10 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
cps3.ucarecdn.com
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh
*.seadform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-08		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adscale.de
Amazon RSA 2048 M02		 2023-07-18 -
2024-08-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.userreport.com
Amazon RSA 2048 M02		 2023-11-20 -
2024-12-17		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA		 2023-05-29 -
2024-06-04		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
hb.yahoo.net
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
itm.ivitrack.com
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-07 -
2025-01-06		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 30 frames:

Primary Page: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Frame ID: 3D899228515AC003539E191F22269D6F
Requests: 175 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Frame ID: 67B45E3237FF3852151FE98B7F14A94C
Requests: 12 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Frame ID: 470B4BBC7B0D8A01D3BD2C0C36358728
Requests: 20 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&upid=b8lvzxo&upv=1.1.0
Frame ID: E0EF6CC166B474226B51340072D50CD0
Requests: 1 HTTP requests in this frame

Frame: https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Frame ID: 08EAABBEC6164748FE6A437865CD5FBB
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/
Frame ID: F10A1746AC873AA0ED70B29DAEDB1551
Requests: 12 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=107549&cache_buster=1704204952&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&val=undefined&tn=undefined&p1=gtm.js
Frame ID: 030550547054C7F865F04952C8E453FF
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 8A5525CDC2BE5DBFC679207E9643C020
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: 898E9D9F0AE73487FC605D81D6CC8B29
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: BAF91A025CCCD8B19ABB85E6E8681F8D
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: 763C302C954277A8C61C4076C48AF586
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Frame ID: C3C1E6552668B2941F321848583A3820
Requests: 2 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Frame ID: B98747B6A07DD551F46A89E4CADEAD87
Requests: 20 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A9123806E11B873765B4FE38AE2B6F8B
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 793C390EED27F3C8E303FEC5F094F124
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: FA05F7F13BFE34C579A01C441F628DFA
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Frame ID: D7FFDFC5201CDA3047D33CED8A5B26DE
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 305D95BAC505CF64ABC409DE0F5860D8
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 45211400E7F01A8D301CCBB6AACBD921
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 158DA93923B8D3D75743C9E3D6898A82
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Frame ID: 75F9583E840C912EDFFE6EC6F69FCE04
Requests: 9 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: D1DF5BF6EC7F16880515EF91E966ECDA
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Frame ID: 00BD9D6BCD66A62E20AF301AAAD64324
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Frame ID: 515342AC24D6150C1175EE0AF8568BC3
Requests: 41 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_gid=CAESEON7zEFyQKqPz8YXJbC-T40&google_cver=1&google_ula=913071,0
Frame ID: 17D44F7D7CF65FC3B378AF1AAD6CA43C
Requests: 30 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_gid=CAESEON7zEFyQKqPz8YXJbC-T40&google_cver=1&google_ula=913071,0
Frame ID: D53B9124B87395C2579006189A2ED0E0
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Frame ID: 6F94D5DAA95A748AE488C1E861A3FEC7
Requests: 5 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=3299ea95-cc0d-41dc-af04-4832d55bbe1b&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: CB986548F8B3CD25A7162FBA0D1AF20C
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Frame ID: 1394731EEEE97E58AF6E4E7B32BF189B
Requests: 13 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=1wm30tmzqgl
Frame ID: B71113F2085CD9797EA19AD960253145
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Donate Now | March of DimesCloseCloseCloseCloseCloseCloseCloseCloseBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8D... Page URL
  2. https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

489
Requests

93 %
HTTPS

25 %
IPv6

88
Domains

139
Subdomains

108
IPs

9
Countries

6512 kB
Transfer

22441 kB
Size

93
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM= Page URL
  2. https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Request Chain 67
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Request Chain 77
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CIOHuZbyvoMDFbGXgwcdbkwPWA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 78
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CLKCuZbyvoMDFVT0EQgdCfAApQ;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 90
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204952264&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204952264&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3446297%26time%3D1704204952264%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204952264&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204952264&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&cookiesTest=true&liSync=true&e_ipv6=AQKLQxcx0bQkcwAAAYzKh-UnSGQSyL26oIGzAm55V6JbCHbwlAqj3bpJjEq8jk7S-7ox6TqS54e1
Request Chain 117
  • https://secure.adnxs.com/px?id=1282070&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
Request Chain 118
  • https://ib.adnxs.com/seg?add=22494154 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
Request Chain 140
  • https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=746536189417&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=746536189417&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 141
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204952550&url=https%3A%2F%2Fwww.marchofdimes.org%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2179642%26time%3D1704204952550%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204952550&url=https%3A%2F%2Fwww.marchofdimes.org%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204952550&url=https%3A%2F%2Fwww.marchofdimes.org%2F&liSync=true&e_ipv6=AQJpBwjXq3-BBwAAAYzKh-XOciUnr11-Us-G5gAqRpf_ET0Si_SQv5kElRYPZioGVWcw8FW7AUYb
Request Chain 178
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Request Chain 236
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.marchofdimes.org&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=iWxyg3w2Mng5RGxydk9JNk1ES3pqK3JkOUdOL3lsYWVPa0J0QzdReXhrcUdpTDJGSzlWbkQxM2ppY3FrcmNadVpsWDR0TThxeFJxZ1FCbmpoN3Mva2hkUlJpV2VVcXpnbGc5Ym5teGM0QU82UXJMZTRFR2tMbm82cllLdW1rUUYxckppWkF1ODEwT3I2d1FVckJCOEN3RjNEOFdVY1cyL0RMNllESWlNTEEzUVp1VHRTck1XWjdoNGtiRXFPa0RFdXBLb2g0YUh1amgwQ0lHTHF5bmdUUVYybkhuT2ZHSUVXajZ6R3ZGZFo0YnV4SXN6eTBHQ2xWbFgvMnI2RlZFRDFZemZlVkNRU21nT0Q1ak8rM2g1RTMrSTgvdWxVVFV0ZkxCRkF0L0sremowZldFeU9sRzVkbEd2WCtManpOaGxNcWxqOXw&cppv=2
Request Chain 297
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=33wbF194SG1BUEZGdURwbndsMWRwcHB1Ulh1WGNwU01XT3B4aSUyRnljSm42VUphSEk0RFQ3UWlGZFFab0NjSnhKa2NaOG1DcXVCWlNSYnRjM3VkQVRwTTJ5UHU4TlZsYXB2VEQxQkE0Qjk1b3FNT0NTVlhwYzFRSlJGRzBOcEY1anNQdVhoZTh5Qks2cElXcDNETzFXR2xHbVVvenc4RUlSTFBSMzZTeDRUcmk2NiUyRmt3JTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=1e8aba53-4fd0-4be6-8f4d-b0de0da9b3be&dtycbr=68762 HTTP 302
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=33wbF194SG1BUEZGdURwbndsMWRwcHB1Ulh1WGNwU01XT3B4aSUyRnljSm42VUphSEk0RFQ3UWlGZFFab0NjSnhKa2NaOG1DcXVCWlNSYnRjM3VkQVRwTTJ5UHU4TlZsYXB2VEQxQkE0Qjk1b3FNT0NTVlhwYzFRSlJGRzBOcEY1anNQdVhoZTh5Qks2cElXcDNETzFXR2xHbVVvenc4RUlSTFBSMzZTeDRUcmk2NiUyRmt3JTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=1e8aba53-4fd0-4be6-8f4d-b0de0da9b3be&dtycbr=68762
Request Chain 304
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=33wbF194SG1BUEZGdURwbndsMWRwcHB1Ulh1WGNwU01XT3B4aSUyRnljSm42VUphSEk0RFQ3UWlGZFFab0NjSnhKa2NaOG1DcXVCWlNSYnRjM3VkQVRwTTJ5UHU4TlZsYXB2VEQxQkE0Qjk1b3FNT0NTVlhwYzFRSlJGRzBOcEY1anNQdVhoZTh5Qks2cElXcDNETzFXR2xHbVVvenc4RUlSTFBSMzZTeDRUcmk2NiUyRmt3JTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=6bed1063-911c-43d7-a31d-bee2af3fa17b&dtycbr=83207 HTTP 302
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=33wbF194SG1BUEZGdURwbndsMWRwcHB1Ulh1WGNwU01XT3B4aSUyRnljSm42VUphSEk0RFQ3UWlGZFFab0NjSnhKa2NaOG1DcXVCWlNSYnRjM3VkQVRwTTJ5UHU4TlZsYXB2VEQxQkE0Qjk1b3FNT0NTVlhwYzFRSlJGRzBOcEY1anNQdVhoZTh5Qks2cElXcDNETzFXR2xHbVVvenc4RUlSTFBSMzZTeDRUcmk2NiUyRmt3JTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=6bed1063-911c-43d7-a31d-bee2af3fa17b&dtycbr=83207
Request Chain 332
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=2&topUrl=www.marchofdimes.org&bundle=33wbF194SG1BUEZGdURwbndsMWRwcHB1Ulh1WGNwU01XT3B4aSUyRnljSm42VUphSEk0RFQ3UWlGZFFab0NjSnhKa2NaOG1DcXVCWlNSYnRjM3VkQVRwTTJ5UHU4TlZsYXB2VEQxQkE0Qjk1b3FNT0NTVlhwYzFRSlJGRzBOcEY1anNQdVhoZTh5Qks2cElXcDNETzFXR2xHbVVvenc4RUlSTFBSMzZTeDRUcmk2NiUyRmt3JTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=QFlMQnxLT0t5T2I1TnpyUERMQUhYWWNaUU4xSitEOXEvL2FEdkh6T3BvUFUwd0ExU21RemtCbUc3enYxVStRZXdvUkZTUHoxeitWVzhOSDYySjZXcEduamVXa1kyVXcvcmptU0pUY3Z2WnRoWUZHYUJkMEEvWHQzYkNSeFIzRGJhVlFUUnNsOUpFRFNvK1YwSnJYaDZWb1d6dnNXU0kzb0EwVGRQekg4MHRnZFUweWtWWFJJTWI5TWowMlp3NWMyK0RFdXlUYm9zYmJyTllCMUhDdmovVGdMRFVBQVB2US9Oblc2VnFXZWdEdXMwZjEyZS9oWktJMjJhTzNvRzlqdmsvdi9LWFJIUFB4WDEweHMwSjV5a0dZTzRJckVzRHRqNU8zSkFucEoxbnZkYUFCNEx4UDBJcUVJT2VWZW1KRlBuQU50OGxEbGZjMHdFWUtLdFNOc2VuZUN2dlE9PXw&cppv=2
Request Chain 355
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4679540176611712457&expiration=1705414553 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4679540176611712457&expiration=1705414553&C=1
Request Chain 356
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4679540176611712457&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=4679540176611712457&sInitiator=external HTTP 302
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=4679540176611712457&gdpr=&sInitiator=external HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7319504538843216017&sInitiator=internal&gdpr= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=2469801775646719594&sInitiator=internal&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Mjk3RURFNUEwODJDQzY3MQ&gdpr= HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESECgbh0IvpRYLTigxrwea6mE&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESECgbh0IvpRYLTigxrwea6mE&sInitiator=internal&google_cver=1&gdpr=
Request Chain 358
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4679540176611712457 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4679540176611712457&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 363
  • https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Request Chain 364
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=4679540176611712457 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12024010214252acea4e840ccb076c&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
  • https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=8a33f43992ea32a22d9c0dbff19d801b&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://tags.adsafety.net/v1/cm?cm_uid=CM12024010214252acea4e840ccb076c&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=8a33f43992ea32a22d9c0dbff19d801b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMDIxNDI1MmFjZWE0ZTg0MGNjYjA3NmM&gdpr_consent=&gdpr=0 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEJhqK0UFPaWzS5vwmuVV4cE&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=28&cid=CM12024010214252acea4e840ccb076c HTTP 302
  • https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4679540176611712457
Request Chain 366
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NDY3OTU0MDE3NjYxMTcxMjQ1Nw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECJKnBBgwfnomzmQfP1lbck&google_cver=1&google_ula=1641347,0
Request Chain 368
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=3&id=2469801775646719594&redirect=1 HTTP 302
  • https://secure.adnxs.com/setuid?entity=91&code=4679540176611712457
Request Chain 371
  • https://a.audrte.com/a?adform_uid=4679540176611712457 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmRidkVveURDMFJRSnlHSGQyLTNsUzlVQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 372
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=4679540176611712457&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=4679540176611712457&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=12990568880681314274251826280967779066&noredirect=1
Request Chain 373
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=4679540176611712457 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=212920604749004718206
Request Chain 374
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319504538841184398
Request Chain 376
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=qmgp93LL1RkFyG5
Request Chain 380
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=484760665 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=t0RhjYgxFVrRIzZaQn6YDu
Request Chain 393
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_cm&google_hm=ay0tc1gtUWFOQktqc1p5VGJNTktxcVF0MU5hTjNXdHJqQnhyR1VqZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_gid=CAESEON7zEFyQKqPz8YXJbC-T40&google_cver=1&google_ula=913071,0
Request Chain 395
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2469801775646719594
Request Chain 407
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=qxpoCyNTtcMQMSbh7KoOIyNpatBe0v3a HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=qxpoCyNTtcMQMSbh7KoOIyNpatBe0v3a
Request Chain 420
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_cm&google_hm=ay0tc1gtUWFOQktqc1p5VGJNTktxcVF0MU5hTjNXdHJqQnhyR1VqZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_gid=CAESEON7zEFyQKqPz8YXJbC-T40&google_cver=1&google_ula=913071,0
Request Chain 422
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2469801775646719594
Request Chain 434
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=DoXUpxnog3QlX1lnDQQbbX2fpbj8dOlR HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=DoXUpxnog3QlX1lnDQQbbX2fpbj8dOlR
Request Chain 462
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=McEOT7AsxZdU8Y2TRvCSntFCWJ2lbSlU
Request Chain 463
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=1bydOYH2AYT4Q2MNWuQ2rOyJkscrLI6t

489 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0F... 		754 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-pYDEr+z0BJPuEz+BXEjyV4f5XAUml66O8uXNxrWB6Ho=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
83f39dbc0fa6366e-FRA
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Tue, 02 Jan 2024 14:15:48 GMT
Server
cloudflare
Transfer-Encoding
chunked
cache-control
private, no-cache, no-store, max-age=0
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-pYDEr+z0BJPuEz+BXEjyV4f5XAUml66O8uXNxrWB6Ho=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
referrer-policy
strict-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
a219c7c7664b5faa
Primary Request donate-now
www.marchofdimes.org/ 		39 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46bd0733876c7af65031bc638d05b096cee0f9d2f8cc136dafa1405a88ae0df2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://go.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
must-revalidate, no-cache, private
cf-cache-status
DYNAMIC
cf-ray
83f39dbd9e259968-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:51 GMT
expires
Sun, 19 Nov 1978 05:00:00 GMT
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-drupal-cache
MISS
x-drupal-dynamic-cache
UNCACHEABLE
x-frame-options
SAMEORIGIN
x-generator
Drupal 9 (https://www.drupal.org)
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
css_i_IAUTuyaYflulzov9QOquZ0DRt2fYtf1VYDyYjfHo8.css
www.marchofdimes.org/sites/default/files/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/css/css_i_IAUTuyaYflulzov9QOquZ0DRt2fYtf1VYDyYjfHo8.css
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c193a2e64fe803deba1f8c52fbec46e6a2089c546d8b18dc1f9a56ec4ca692
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
265
cf-polished
origSize=8629
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:52 GMT
server
cloudflare
etag
W/"94f-60d0d56313bb8"
vary
Accept-encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83f39dd33f5f9968-FRA
css2
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eefe1e7d99ab4810bfb479ff54c275efb459b6ae9abfebfd221c4a518ead27d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 13:39:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 14:15:51 GMT
css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
www.marchofdimes.org/sites/default/files/css/ 		172 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26dd3e70c1aa731ac4c5a27ac65c200ceb2756eca0ae5862e8fab8b7d4985dd0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
265
cf-polished
origSize=177163
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:52 GMT
server
cloudflare
etag
W/"7d61-60d0d563bea18"
vary
Accept-encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83f39dd33f639968-FRA
rocket-loader.min.js
www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
server
cloudflare
etag
W/"6581a422-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
83f39dd33f689968-FRA
expires
Thu, 04 Jan 2024 14:15:51 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83f39dd36f2e1c05-FRA
sprite.artifact.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		6 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/sprite.artifact.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
550
etag
W/"19d4-60d0d34b0c580"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39dd33f6d9968-FRA
x-xss-protection
1; mode=block
js_3zKdJjwbnH4zY-ZXfGrKTGbJMU4AUVlFIlJ8EY1UCvA.js
www.marchofdimes.org/sites/default/files/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/js/js_3zKdJjwbnH4zY-ZXfGrKTGbJMU4AUVlFIlJ8EY1UCvA.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f55809ae21d5dcfb8a6e01596d12eb88c0630f7e0aeff4c285b981df7864aed5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
265
cf-polished
origSize=24764
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 30 Nov 2023 23:17:54 GMT
server
cloudflare
etag
W/"19b1-60b66dc85ec70"
vary
Accept-encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f39dd3a8009968-FRA
reminder.js
give.marchofdimes.org/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.marchofdimes.org/reminder.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
183d1f7f458dfc35496d9eb446598b1b96658ab4dc316b23cea4cd7bfcd4c8ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 02 Oct 2023 16:39:53 GMT
server
cloudflare
age
265
cf-polished
origSize=6204
etag
W/"e6ce93114ff5d91:0"
vary
Accept-Encoding
x-powered-by
ASP.NET
content-type
application/javascript
cache-control
max-age=14400
permissions-policy
interest-cohort=()
cf-ray
83f39dd3a8069968-FRA
js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
www.marchofdimes.org/sites/default/files/js/ 		160 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/js/js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c09f9bc171c32544001b130b5ed1f7f2e2b8c1ac817823452288bc678afc57e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
265
cf-polished
origSize=165577
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:56 GMT
server
cloudflare
etag
W/"f117-60d0d567acfa8"
vary
Accept-encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f39dd3a8029968-FRA
google_tag.script.js
www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/ 		348 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/google_tag.script.js?s6mzfy
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2717d806962fe1e4c9810ca869fb82c8bbd86638ca6787d01ff8c947c20df3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 02 Jan 2024 10:43:13 GMT
server
cloudflare
age
550
etag
W/"15c-60df42a4fdc10-gzip"
vary
Accept-Encoding
content-type
text/javascript
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39dd3a8049968-FRA
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5rel+BW+cbOCNkEJ4C4NBQ==
age
42191
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:19:55 GMT
server
cloudflare
etag
0x8DC026A943751A5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d530a67f-201e-0007-3283-3455e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39dd3eb6565c2-FRA
fcdafeaf549fc682810d.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/fcdafeaf549fc682810d.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c73ae3eda72c7eef8b13c75031180df1d81626dec2a68a846094d697fec3546
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:07:43 GMT
server
cloudflare
age
550
etag
W/"1fb9-60d0d2abc8dc0"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39dd3a8079968-FRA
x-xss-protection
1; mode=block
truncated
/ 		200 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fbdec47eb761902c4f7d14ccd5a3b97bbaca6a18d485482157fff7f97684d3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		743 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cc76e7f5b027b2566d97e2701af7b605a376c4a0487302d2634bbceb67eb349

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		538 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4471ccb98d7627f19e1fd997e5562b4be936baf86b6597eb63330c6843fc59c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
019696b175f8558a9f629b596b30b4715bf1219fbee3e3588dbacfb1582df84c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		328 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e944de09b6e048d89b1dff57baf718b2ac1dc0d273e55560decb4c82cc828c8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		325 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52142e0671ba7294da28434e2a92636b8848c1fe284fe09543c4e8f7e4716d11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
116448ff3191f74560d6d91c76cebc18ec741564aa62d5c6f8bdf8f611e8a2b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
218b91569ad8f0a5cf1aba89f3957966ecffb7b5852ca25b709bd8f887a00c90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		521 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7176a2935514018f4c12a99dccc108407f9f4bdd7c1be1a097cbec7a90fb7542

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		518 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa2fdddfcb25552a1713673a954bc864de1a7b22dc0ebe664fe8ddb6bcb21ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		392 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
420a436e0e9e1c48a2f9ce50b59fdb2b805d0274cc20fa569fd1726c4dbf90e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		389 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b73c2239b5b0ae6e051cb135734dc2101aeaf9032dd6b2c29ce9679330fc0bd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		583 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b81f50d6d819dd6d6aaf0cb6402329f0479c734ad2f0918eb9f8366b66f78c83

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		580 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a79623b8606d1583bada494ecdaac61b10440ba7a0da23185892f9d86f172dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		535 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24049fb41335d87d82a9faea10cf9aa2a0ef868037667b029d2953a940cdf67b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		532 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b410913850321efd333e39ddf1a5d49a433b29721126ec6d785f8f039e98bc32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
329746577f94a4f1785e.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		123 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/329746577f94a4f1785e.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
265
etag
W/"1eb4c-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39dd3b8289968-FRA
x-xss-protection
1; mode=block
7ef1e78abcb43e957eec.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		130 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/7ef1e78abcb43e957eec.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d663da5e7f6fe773fda5fe642d04a71cd988f1132b343edb5be914d44a1f534
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
265
etag
W/"206b0-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39dd3b82a9968-FRA
x-xss-protection
1; mode=block
09a9e3080c1a5236f325.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		131 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/09a9e3080c1a5236f325.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1802297dea21b3e6a860ccb64dac092312598f1743b8b6b9dd6c30adb4bfe45
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
265
etag
W/"20b6c-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39dd3b82d9968-FRA
x-xss-protection
1; mode=block
f58d53eb72d7239d4ca8.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		129 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/f58d53eb72d7239d4ca8.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
265
etag
W/"20448-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39dd3b82e9968-FRA
x-xss-protection
1; mode=block
e78d3d4f87bc060c0a1a.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		131 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/e78d3d4f87bc060c0a1a.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
265
etag
W/"20a90-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39dd3b8329968-FRA
x-xss-protection
1; mode=block
ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c.json
cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c9ef99aae6896ff764e44f3cc121359d2a42dc49389a16a8b236f6e8aacfca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
22002
content-md5
g/KZi3qFt3L2oPImJ/jgJw==
content-length
1475
x-ms-lease-status
unlocked
last-modified
Tue, 10 Oct 2023 13:15:27 GMT
server
cloudflare
etag
0x8DBC992F85E777F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8f992677-501e-0040-2c55-143ebb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39dd4a83437d1-FRA
expires
Wed, 03 Jan 2024 14:15:51 GMT
AJPYNTWD
cdn.fundraiseup.com/widget/ 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fundraiseup.com/widget/AJPYNTWD
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c539677a5fa924b3f663fbe2026616c64bd4080701b43c04e6489f9d31ccb87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"700361656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1NDN133Q3tJIkW35SGY4VGyAEYSfKr3Zp7vMo%2BD%2FdrvJ33hqsVcjFyUh8wvvGzLD2jndpamhChdzX48rv5YNY%2BClaLNDJFApTwgwDhAfBbgCRHBGLXEQJB1Sq%2Fc6r44KZeC6mQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
83f39dd50caa2c5b-FRA
link
<https://static.fundraiseup.com/8404ac38d731.elementsApi.js>; rel=preload; as=script, <https://static.fundraiseup.com/embed-data/elements-global/AJPYNTWD.js>; rel=preload; as=script, <https://static.fundraiseup.com/3.5405c7d5a80b.async-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/2.f1965a53d878.elements-langs-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/0.a67f871726a0.elements-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-vendors.90571ef5681f68c03c51.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-styles.5314794eb173af8226ff.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js>; rel=preload; as=script, <https://static.fundraiseup.com/sentry.46ead00774987992ad1f.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js>; rel=preload; as=script
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		362 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/google_tag.script.js?s6mzfy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c42a32f2aed68470df2b2a8426a9f0e78c0ef0e55a43c73175855ef777ae6724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109275
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:15:51 GMT
sprite.artifact.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		6 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/sprite.artifact.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/js/js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
550
etag
W/"19d4-60d0d34b0c580"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39dd468cd9968-FRA
x-xss-protection
1; mode=block
rum
www.marchofdimes.org/cdn-cgi/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4345 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.marchofdimes.org
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
83f39dd468d09968-FRA
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202309.1.0/ 		424 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wp4bduWb8cLN8oREjFODhQ==
age
22728
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
104423
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:28 GMT
server
cloudflare
etag
0x8DBD0539A07337D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ebd2dd6e-701e-000a-56c3-139d34000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39dd51d7765c2-FRA
8404ac38d731.elementsApi.js
static.fundraiseup.com/ 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3de7a0f6d4d192cc931ffc60dcd9c41cf823614d8fe3264c7553611853a2dc52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA22MZ07EHTFRKF1
age
18771
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
cO3674cfne0wwL2Seosqs6xR+gKV6dNmMeopSmvahpylHNPvWteENNNfPt1q5sXTbtFi7/Gqw4s=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"a1890ed56981ecf46c638b122d04247d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBE278lV7d0v%2BiAI%2B01xnkrXg0XNdMNwx7xIIxSXhzBq%2FRx1TUbHXgL22MN6%2FySgGfMbgvPvHmTA2rnl1%2BDqnxnZr2cfhijLsoN7HBRCNJG%2FzTJegDO53Y2PIcDUXBaK2kItdPDO1sg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd5cd692c5b-FRA
AJPYNTWD.js
static.fundraiseup.com/embed-data/elements-global/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements-global/AJPYNTWD.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50703a9859028e070c5ba54517ac39c873fcfc5015907f5dac21c78648ccbdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TMSSVFEX522G9788
age
330
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nZa+BhBW5xUNaMPS3tBSfXkVWUJbz5FholAk6Q7ftBvnLzktiIOFEX8cu1JZDPS1qVXp+oVt768=
last-modified
Tue, 02 Jan 2024 14:10:16 GMT
server
cloudflare
etag
W/"63cb5dadcb23c4e25551f1e7511c5365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9UCDbeIYrQiU4pWNKKMEonuMcX4yTNSe3%2BQDUJ4SB2Sxw%2BUboNcIsqmBO2Yiwp6C%2FrF4xfMMZAP408uuk0Zz3JhJVyEU0UGuij%2FxP12O2vk2PBE3GN7%2B96lt6X89v3AJUFl%2BhNVtS4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39dd5cd662c5b-FRA
3.5405c7d5a80b.async-vendors.js
static.fundraiseup.com/ 		102 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3.5405c7d5a80b.async-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fda46ad6de82ed65908428f090ab3cb24da2b2ab22e3f19e2713e94eecdc907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9BZ837EP9QHVB2C7
age
623148
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SMAI9AQGVNCtFfBu0veoe+BCxP2kQTaPp/gfMJAtyCcX3q2wTUrTJcSbmhTprnEcT2IhBqCiLr4=
last-modified
Tue, 26 Dec 2023 08:53:44 GMT
server
cloudflare
etag
W/"b78f8a914b2aac0785a820267d8712d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88ID37TD7Ud1mFRIB961%2F6NSWaYnyA1Z4t4VO6cduOSzyuFGsQ4rCK9UVta8jRJPprlDCx7jtmR%2BfKhG6s0iYHpt0UV2yCC5GPQQN1uNpSh3Xfdn%2FB3pa8h7S30KcLHrikv3kPQX%2FjI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd5cd642c5b-FRA
2.f1965a53d878.elements-langs-vendors.js
static.fundraiseup.com/ 		295 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2.f1965a53d878.elements-langs-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c963fd1212d60ca1c683bccb3c3ace830cdedc1dccf7256c112a9708f9e7cf88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V0EJZW0XMZ9X8A
age
362137
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
UIQ1dlw0+6bcy3dETPWY5ykd0xB2XT43XD8bVWY46z6ohl4vhIeNwAPPntHiP156+IRu1qfrPco=
last-modified
Fri, 29 Dec 2023 09:23:28 GMT
server
cloudflare
etag
W/"86230c72ced6be65504232d51156f84a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVoCmURi0M8pfhmo4ACubeO1o9C1KvDqbyk1KdtelcYNfaCqcGXo4OPuBbf9abk9sL0WH%2F%2Bs3WoBgFEqpANKAJLvSzThSxpoAwzf%2BZgkgMIO0qdcvSnDqP3QdpHrw%2Fmz1c8pUMaXTp0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd5cd682c5b-FRA
0.a67f871726a0.elements-vendors.js
static.fundraiseup.com/ 		62 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/0.a67f871726a0.elements-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642d50bf95258a7181203326b05c08982dc5298ff21982594594a2ece141bed8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32VDXSSF8SZNQ0QH
age
362137
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
qlMPaBQHIfgFBtcPLytsv6107dLRwelZHeCPqXpqdpjkkyQV3k4mFwpO52QNxGAey2YBP2v3cPQ=
last-modified
Fri, 29 Dec 2023 09:23:27 GMT
server
cloudflare
etag
W/"dc6cd5ef97018916a1e5cc76f51b6029"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRCZ1MBuzilWGp%2BKoqjAxji6Hm42GEhs1cwN9330cC8hwpgwNhgK%2Bmb6KOByOfP9z5gjh3QMSM7b0IkCkuOxLI4LCAyffd%2FEQoDA1tpPB5IAi9OlL1sS1SHpq45nxQ9jRI%2FXU3BK5Ps%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd5cd602c5b-FRA
checkout.677091bbeb21f0afc5db.js
static.fundraiseup.com/ 		311 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b59918ab6733c57a8a7a9d6a1968d29e79df70c67909ddf241e029d0c15230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA21SX60Z9EC5P3Y
age
18771
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
gjpkyxv5xXJP+Q5EyyT0Eu4uDw1ugtCM3HZ5KJq28PMGRkCXF2jdKM1CDBrs6ckUd9QxdfrdhYw=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"52c4020f627c9a2863287f67e826bf65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVZIxyyMmEVALaFULwfj3ZvFDbGSKIvdiJ3zeg93MhNNKqKzkLwnjzLkjXc3MmlZVwx6%2F%2BT%2F9kbkysPe8wT%2B%2F50EUpjs2S5v%2BkqsjQcFpRbKT%2FOtBhMAo2CA0Pi0igKvPXCo%2B4lUM4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd5cd5e2c5b-FRA
checkout-vendors.90571ef5681f68c03c51.js
static.fundraiseup.com/ 		325 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-vendors.90571ef5681f68c03c51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ee34fcf7db9c8bc2412f47c264d8de575c2d477198cabc635ba538ddcd77f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CQYGXQZ70GX62S41
age
971008
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5T3O9JUYfnaUWDFHxKjayhGAgZ8QlgiG1v0gKXF4Mq6o6vb+e4pIyRU0qrq9DIEWfwy5VELhRF4=
last-modified
Fri, 22 Dec 2023 08:14:34 GMT
server
cloudflare
etag
W/"aed625f3509871737d1044d3a87ee8b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BM%2BtgQowtz0Z4h6eq%2FjWBumkKukruAQnUUvVpf2mAXJKi9p%2Fg%2Bve218OZzASUGgerjVHGJydVHYosMyfmVXIfME%2B30ZcIqGmBbY652a2Jybhr%2BBLKZxHg2z3z5iK94LG3RTIiq2n8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd5cd612c5b-FRA
checkout-styles.5314794eb173af8226ff.js
static.fundraiseup.com/ 		118 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-styles.5314794eb173af8226ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a900b2a6524b9f6a640eddeda6e045bea4aff194c9203ea660e6db5743b69b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA23GX1JW7ZTTZS2
age
18771
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CkwxCFIWjlSTJXwFSnB+ElVgIw5wSifXB9DIDeZijW0Jcs5UT3nOHzWP4GG3ZRZSFb43ISYyPy8=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"7d4d7c4dcf370f6ba0a1600c8277782b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiUMJbSJ%2BmsFQFBbgDRB3jaCr6rDZQEj0tmaZrvS2EtUYmoijG8HgH0PW2mTZKZwdyKGMHKZj7IhoSPU%2Fj2A7pY0vN421FsBqUfttet5z3QI4cvSRr0oQxOxY0DZc1XxFOZ7fiqMv2o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd5cd632c5b-FRA
checkout-sentry-vendor.bbaab79af6ac4ae5c523.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HGGKTGCE1YZJMSDZ
age
303517
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
M+w43jSCHQSas6McrOwuQwgzIUYcou3C9DSnhph0wEyr9HpWTu4JBe3lPiX6TEs4ht/esiZjbeY=
last-modified
Fri, 01 Dec 2023 08:27:18 GMT
server
cloudflare
etag
W/"e8cb215ba1bf6e188dcd93c7faa7d814"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPEe3byuxQH1%2BeyV2d5rO4VgiKizeiFSijfQTxBRPLT8vyTNxUJd0SK%2FHL0tbPeqs83D04bxJ1jg66HCX9cbn9GYa%2FJr2hn6IVIb6Cct8AugcY%2Fvbx64I8IyV%2FZsBr1UsNexk3r2tRw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd5cd552c5b-FRA
sentry.46ead00774987992ad1f.js
static.fundraiseup.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/sentry.46ead00774987992ad1f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f300f66c1304e23bfc15a23908129f0b10ff24c89f5a2727bc52735acda82d57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CQYKHFR43Z09DA45
age
971009
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
JA8OmN2l6WBWtENfumEOJLCyYpu0u7D79btpTmOT6BnrRDpqWY2ZhNnIbnl2erxo8EGRzSVB11g=
last-modified
Fri, 22 Dec 2023 08:14:35 GMT
server
cloudflare
etag
W/"d325c5401c790cdad1125c429c0a3570"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGDJs2V0Dd1FwVNivpiKXfWLizXP58JZ7V4QKfCTRVeo%2B%2BJJnAcI1YlXloPwx2FPq96bacGgW%2FOD2AFG7gbPJyNie5bhx2b4gmcOpvGwG7DO43VgqAL7dqA502kEUawunKy%2BKbFxpdo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd60db62c5b-FRA
checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js
static.fundraiseup.com/ 		193 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae885067159b6a4c7f153446d01bd1e0405d0acd180089840397091758a42695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32VBVMCC8ATRDEFD
age
362137
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
YqI0xXDDXmJIpInYMPB9zR4M39VdywUrUQyWUao3pWtE4clUSwzq8IMwq4qbZoBllQYTopuYv3U=
last-modified
Fri, 29 Dec 2023 09:23:32 GMT
server
cloudflare
etag
W/"a841186be43e9817bb06608166c38a47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pav3mSCt4FBn60IT%2BdGgSo6tFlF5SBXTEwGx%2FW6HJ4dxFhVC52Cj3K6n4dw97mxv7deAabbnsSZkYbF9WglSzQjDEFgibVziBEhUPoLc8dcG6Nw97gSoU%2FKG4W6gOfnoSWz6JweJHfw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd5cd5d2c5b-FRA
tb
fndrsp.net/ 		2 B
487 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXMYu5kAN2h5kkNEZajCKCyGGo1QGYqkqqBr1qYIEZqrxu%2BtN5bsN1EwxTcKBXsjnk3avCukAedMXF3qrRrgpKppkN9Oq3oOsIaEAtvo69umYmTeEnG1VO0J80CY"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39dd8bc44171e-SJC
alt-svc
h3=":443"; ma=86400
resolve
api.fundraiseup.com/checkout/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/checkout/resolve?key=AJPYNTWD&livemode=true&livemode=true
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5adceb2b0d02bfc2389c6e88a7df65d5f5261523d06efd195021294e34c402b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

fun_c_status
HIT
date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
fun_cp_status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
fun_c_ms
9
alt-svc
h3=":443"; ma=86400
fun_cp_ms
123
fun_t_status
HIT
server
cloudflare
fun_t_ms
106
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jr8YKeHOzX1oQ2Ctb%2BL41oGi%2Fhu%2Br06kr1NbLgsOEtkiVkbeLKrM8ro6AggBqYXcjgJVfoqr0unhhZ0k610Hu6ozsmRWPRY1NXWmDOXfNIVk7YFwEvFZIPwl%2FFHgjCFCbsFfcKA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39dd60dbe2c5b-FRA
XTDESWHR.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XTDESWHR.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517aa5c6549c92ef5244d8e9df5d662310d50ca9419b12b9157e67ff640be3b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TMSJGVQ4DD96XP9G
age
330
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QJBzEBO5NZHo24zaUM+DrqzdISA1KIvKF6gBF1f4uxX7yaHxzAxLdcdpBS/sATZwGgXt1fgHA04=
last-modified
Tue, 02 Jan 2024 14:10:14 GMT
server
cloudflare
etag
W/"88a40ec077d8e3a73aff5ba0a8ae0127"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONeiMByqUumIu12jvHU%2FOke5hqkADrytOFcm64QFkmuRmLwHtj5sZnNr5mee5yC54PHc5hvDBNQ8ORfL2eDu2wiRdafprOeqlNeAthLEb0PYh4Imw%2Fiys%2F3%2B1bj2wyg4%2FQfvjTSzbyg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39dd60db72c5b-FRA
XKPELUWA.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XKPELUWA.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff4e5a01e8dd93a69abd5a5531d53cd891f65134c552718134e0adeda2be295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TMSQ0XNR5G3PMZQQ
age
330
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wMy6XrMl3YsFXIjy3o9XtpQnZ2OCBJu5Ri+3n3KFuXO+/D0JgIYOi31j3obx2MIPirtkSDxOqGU=
last-modified
Tue, 02 Jan 2024 14:10:19 GMT
server
cloudflare
etag
W/"d9ccba06a738c5e01e9a85a29f1da6f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7%2BpSzCeldPNAyVe6h3US8Uv5YL%2Fyrv1xLyLZoQKfEmAAze2CDNbPwhK%2BUY8eTocgMdUh54yIodan7Df3HjCH9Mq2QzXCGE410S3wL%2BZ34Dp7iaZE8MJ1sLrVzm78eV9LQ1QtjNUWcM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39dd60db82c5b-FRA
XXTZBBEE.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XXTZBBEE.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6109a9264c6bb75eaf69d45fd3fc6f193794adac940245584a014c10d334dda5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
68WCFG22F4P8T3JQ
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/JEcokEK8Os4CkOsyIfxU+UsMIcH8/e+dthsGZnhXD2Q0caICYG+O68wcyiRYnV91GZofg9spDM=
last-modified
Tue, 02 Jan 2024 14:10:23 GMT
server
cloudflare
etag
W/"e6e67bdaa2cd00905d537372a5883457"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7InybQNtPDYajm04XFp2h2nDvk%2Fz74i8PMigVpChRZPd4fSJSoS0zIPnFrFJJDMPR4%2BfbZRyOb%2FSMcQCWfzGkqEXvjeHz3oyi5e9f75y0Xq5WMUHa%2BXorvvqY6qiTERhwB0b7sdXfHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39dd60dba2c5b-FRA
XPKFWDNY.js
static.fundraiseup.com/embed-data/elements/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XPKFWDNY.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb218a2b6a039eaf89cbd37cd1555bc0f0398efdffde33a410990feda30a3c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MNHDVHBFYS341QV8
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kAGcPj05pQINaGhqezv/H0xxkMJiIaW8ImAwOaf+M74f7xjzQ66o+nfbsUMO7h8KN0rxqp6WBAU=
last-modified
Tue, 02 Jan 2024 14:09:11 GMT
server
cloudflare
etag
W/"b6f45d082613bd164faa1972ab35be8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laomAWogdtsBzx%2FRphd7Hh2eLguH1fI4Gowe5kNXHPjDMUcOn3UawDcJmFsSyjQKx6dpUCe%2F3dmAwtu5kXIWQSEgmh8QtPSS5scucfQg8%2BGdtMGy1AsL8amUEJrZAaBc0E9%2BxaKT%2Bho%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39dd60dbb2c5b-FRA
XJLGKPSJ.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XJLGKPSJ.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac93c14f7863cc7b7df8e279a534c4940cae9a66ae48192761c6b7c5986eee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PCTHJRRZ2ZKM4ZPN
age
330
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8QJDrI1v242LeLVWKrbJiCFLXVnbaL1mmZFJ/A+XsyGVla88U0kNRPAPHZTKCQa6T0C4BSSei7E=
last-modified
Tue, 02 Jan 2024 14:10:16 GMT
server
cloudflare
etag
W/"d0e28a7707e3fe1515e6d50b834b1cdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMuiF8%2BFkmC3nSLKPJAgfhMEqBVGlNp7pOsrwheqPbaF%2Bn%2BOq%2Bfvmt1qQD25CeYrUFAtZVj56ER2NR7V2a2Th7Fp91Ogk6Q8cUliwHc563XsEnb85IaonqwHGEiCi4xvr%2FDEb1jZLPg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39dd60dbc2c5b-FRA
en.json
cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/03dae8d3-1490-4973-98ef-e49e49eac3e6/ 		91 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/03dae8d3-1490-4973-98ef-e49e49eac3e6/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2fe02b994fdded9fe3acc3f595150e738f4a0c34d9a41e76a6627be26b5352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
50999
content-md5
pmspCWhZwPW8+QqTyR8o7Q==
content-length
18521
x-ms-lease-status
unlocked
last-modified
Tue, 10 Oct 2023 13:14:55 GMT
server
cloudflare
etag
0x8DBC992E56CEEA8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
196f8fa7-701e-0078-5644-149a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39dd5fa1537d1-FRA
expires
Wed, 03 Jan 2024 14:15:52 GMT
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28a17f4ecd44eae4f37dfecabf3d36b995ff77b4b9d9d9084dc839e2f1bcbf4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86207
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:52 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-1-118.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 05:33:54 GMT
Content-Encoding
gzip
Via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 Dec 2023 01:34:49 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P2
Age
31320
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
1PBjvR5RPiOJnuo5KpJY66_p_UKkIkBYT49tKPWGhJqJFwjet1Nvyg==
js
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8832015
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e6f672e4624adf7f76bb6c0b7f5eaef89011341493fdfeb0bdfb4151aeb9fef5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67461
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:15:52 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 13:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1655
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 02 Jan 2024 15:48:17 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1335104/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ceee682f306a64e8cf1b48d513f71a81dc852709cf2b36b3d9b3719fac0b0fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
CPjc27vK9QkggOQSCDqJ5FsgXBZJ9dxj
content-encoding
gzip
via
1.1 varnish
date
Tue, 02 Jan 2024 14:15:52 GMT
x-amz-request-id
MCBHMDAX4XV4X5K9
age
49
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
19973
x-amz-id-2
Gdh6a7kMxGRYIpWOuCzSFvhR4E3KDxWynrs2sa3oG9bRYceZhiCErA/obJzxc93k7Zusr8xziLA=
x-served-by
cache-fra-eddf8230087-FRA
last-modified
Sun, 31 Dec 2023 11:30:35 GMT
server
AmazonS3
x-timer
S1704204952.213404,VS0,VE1
etag
"4c28249a704a2eee05e8cffeb2135111"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
72
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
insight.min.js
snap.licdn.com/li.lms-analytics/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=75533
accept-ranges
bytes
content-length
15541
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:15:51 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 35E7F8E2FC9844EABA989EC247DA8594 Ref B: FRAEDGE2019 Ref C: 2024-01-02T14:15:52Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13187
activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=...
8832015.fls.doubleclick.net/ Frame 67B4
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafv...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;d...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
ddc4f19e31795b978d4578949e507c0a1c9fad7806dd974f33e1d18483663a38
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1236
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:52 GMT
expires
Tue, 02 Jan 2024 14:15:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafv...
8832015.fls.doubleclick.net/ Frame 470B
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;ua...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
074d6e29e3e1ca806261dfed28139969439e9370cba7c00d5ed7bc2da61e6dc5
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1768
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:52 GMT
expires
Tue, 02 Jan 2024 14:15:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:15:52 GMT
obtp.js
amplify.outbrain.com/cp/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.106.209 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-106-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 13:05:28 GMT
Server
AkamaiNetStorage
ETag
"928c0d1860f13b981036d5c18f950ac2:1703078882.762337"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7779
Expires
Tue, 02 Jan 2024 14:35:52 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:15:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
5okiSvmZ1TA7bSg8WFJ2gmoCU+wzO+FfZF5qPvXn8tQdaTb5UM+G5x/D8ijWMKH0T3cWBn9qg0uk7Tacts8zBw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/101125894/ 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/101125894/analytics.min.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
83f39dd7890c92a1-FRA
vary
Accept-Encoding
B21591273.227039140;sz=1x2;ord=924843908693
ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=924843908693?
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
d8a46eeb51fdfb067d8893f32f255041ef7eb8f53c2f5e1d02c3d1fd4e575ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14776
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimize.js
www.googleoptimize.com/ 		128 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-W2ZD7L3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29dd43eecab7da13ab1c7d6b8e8c2164fcbd0e7aef445cf7103c23e0a652fbe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50569
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:15:52 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.110.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-110-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dbf123460c457a94828a37116d5bee81c7f03af4c5cb17dcf5edb6ce9005ccfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
38ac0029
date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240102141552A57C95A49518A0608CF6-3EF8C84B12DDE773-00
x-cache
TCP_MISS from a2-16-110-63.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=104
content-length
1939
pragma
no-cache
server
nginx
x-tt-logid
20240102141552A57C95A49518A0608CF6
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
104,2.16.110.63
x-tt-trace-host
0165e47387a63d2aa752b09d3ce4dcb1854a83302e1704b8fb51f9e20a356e49d06bc765c8841d23729f5fa16616af2453e835c17feeb06f5e0c4eab58e1a3e1ed6373a3e48acf8b7a06341c2d664806259d9015caf1b6ffa382e908b5d78b5eb8
expires
Tue, 02 Jan 2024 14:15:52 GMT
adelphic_universal_pixel.js
js.ipredictive.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.194.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-194-91.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
via
1.1 0a22f8f332c3e135af4786cbb2490510.cloudfront.net (CloudFront)
last-modified
Fri, 30 Sep 2022 15:42:59 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P2
age
266
etag
"83b469155694c51d4c5581028a6788bc"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2108
x-amz-cf-id
giINA_RpfDnmV7Mq0_dNfs0MPnVMV27SyRhRVVxiga6ns21rSnCmUw==
trackpoint-async.js
s2.adform.net/banners/scripts/st/ 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
last-modified
Tue, 23 May 2023 09:56:34 GMT
server
nginx
x-amz-request-id
tx000002a4302a981bc3024-00646c8ee1-3295d04c-default
etag
W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
B21581475.237971066;dc_pre=CIOHuZbyvoMDFbGXgwcdbkwPWA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CIOHuZbyvoMDFbGXgwcdbkwPWA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;ta...
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CIOHuZbyvoMDFbGXgwcdbkwPWA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CIOHuZbyvoMDFbGXgwcdbkwPWA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B21581475.265419780;dc_pre=CLKCuZbyvoMDFVT0EQgdCfAApQ;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CLKCuZbyvoMDFVT0EQgdCfAApQ;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;ta...
43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CLKCuZbyvoMDFVT0EQgdCfAApQ;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CLKCuZbyvoMDFVT0EQgdCfAApQ;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ku3O1VFWoltPW4n5m1lGVQ==
age
21956
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:22 GMT
server
cloudflare
etag
0x8DBD053964DC527
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6e914481-501e-007f-5f93-0cf618000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39dd73c0237d1-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xznrm5/jaKmHSjGeIIkHOA==
age
50998
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12708
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:24 GMT
server
cloudflare
etag
0x8DBD05397A0A023
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
3b583b4f-e01e-0055-63e6-1d2908000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39dd73c0437d1-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
50
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d8b77f44-101e-00a5-15e6-116ff9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f39dd73c0537d1-FRA
1.5872cb4a8c7e.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js
static.fundraiseup.com/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1.5872cb4a8c7e.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9719b638317091bed0ab518c0ef99c5dbf1a3083d8b481673d376c47b3da124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0AAF602NEP314STH
age
2179920
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GAZAeaRCADQ/DIW6gK/+G4gRxi1A1IXrSs0pb1x8wcBf067A6ugNWnRKymJK2KC69xznj1m8JUE=
last-modified
Fri, 08 Dec 2023 08:26:00 GMT
server
cloudflare
etag
W/"f57799c72cbd1c6941978c660aaa9f6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJu94NFo%2BpdM5X6nRIdtPQDZY8CiVgbJ66%2FjZeYjnZfvx%2BY2xaXPUUiTsIlAsHBfMac1EPn08sSGDCsEmBBt0mcL%2F4b648lm%2FNtibRrejwjlF9YUkBUVhlPSLgFX%2Fn4nfU%2B3ZE6rz5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd77f912c5b-FRA
389.813e7f9b9882.text-link-v2.js
static.fundraiseup.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/389.813e7f9b9882.text-link-v2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed0a4e695771f9903b95ac84166dbb8b89a5f6ead020bdba7fccce3d082e2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V80D42BV5C29VN
age
361928
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2xDHP48ufjvN6vA7Q/Wley56ZX9C7uhe3zRp5csA1noGm+RbHqzDCj4GafmzkbfAj0xVpWq5xpQ=
last-modified
Fri, 29 Dec 2023 09:23:30 GMT
server
cloudflare
etag
W/"ccadfbcf047d907051c579f0f7f797dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rFJgvsrrZDN2cSOWcM6ByMZvFH9guOYYWHxcNLpt5LHEkMMlIKNi9z7HU3J0N73IqMO5dXGY0NlQFQ38R9VaD3k4yerXqtYdbu9YwbXBgdmbLmlx32uBDKSpYjUO4XRNpFEI30xiiA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd77f942c5b-FRA
307.3df928c14096.donation-form-v2-styles.js
static.fundraiseup.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/307.3df928c14096.donation-form-v2-styles.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81cde3f01b38120a310a1511896c42f68a46f83b6a5ea874ca447de65563cdc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V5X8YVAKN05DZH
age
362127
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2EntU+ZCb786lYHNna/Hurz3XoVdGLj1JMFu4AYUDFeRbeVXtz9QwoAQ16JuYSMTF3re5MFBd7o=
last-modified
Fri, 29 Dec 2023 09:23:29 GMT
server
cloudflare
etag
W/"7b20bde1eae8635ea029b426c8f07f8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QN8MI0do3nsgF8Ywk%2F6WgtvmScX%2Bm0Qg%2BHvILRx8h%2F3hC0%2BdpSwu8AQd6EAfOlDIiIcSagGpUtHAd9%2BTwSiFeZ4zm6cgR7t2wmP55RJKzmjFhddRJBt7m9kStnAwa%2FcsVLesvGLNlTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd78fb82c5b-FRA
305.1b1d79659d99.donation-form-v2.js
static.fundraiseup.com/ 		84 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/305.1b1d79659d99.donation-form-v2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b2231b86974817ee296cd79e82374ecaae68b096638100e4bdd0b0386a2997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Q3RY0FJSFG5GQTAE
age
362127
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wjAxgR7p9IDsIyNiUCbQkJi693x+tf674r+bgKfhw1TdL61QpoamZ1k+J0ULFeSsslJxhv8zfGw=
last-modified
Fri, 29 Dec 2023 09:23:29 GMT
server
cloudflare
etag
W/"6e5927e25767d3d52a94d444fade75b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZf71GWqkRH4GeHn6PzGQgsy6WHd5gE%2BCYIUpAwU0nJ9eKW02mq1A%2B705aXe2Gww9G0qRlu7fvG9Tm69e7%2BH8NDuh%2FgkTroFo1v4o%2FXOHu9B7j0vLUObefQKFAgtitNAuV%2BZTgfnwJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd78fbb2c5b-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
488 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:20:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a9d61206-701e-0078-3ca2-349a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f39dd79c8137d1-FRA
MOD_Logo_Donation.png
cdn.cookielaw.org/logos/619fa1da-f983-4882-ba6d-40627ba6ce87/a03b80d6-3bea-4390-97a7-fc8fcf47da90/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/619fa1da-f983-4882-ba6d-40627ba6ce87/a03b80d6-3bea-4390-97a7-fc8fcf47da90/MOD_Logo_Donation.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b57a6d97fc4340e01339086713fe15bc8c6bace25a8fa8b8682558c953c444a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OUtpBJgltqUBYxR5JoTCtQ==
age
551
content-length
20107
x-ms-lease-status
unlocked
last-modified
Mon, 03 Feb 2020 15:42:50 GMT
server
cloudflare
etag
0x8D7A8BFB9C0ADEB
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
d1d73800-f01e-003b-7786-0c7c27000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39dd7a88665c2-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
26928
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:20:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a220a8b7-a01e-006b-498a-34be77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f39dd7a88965c2-FRA
rules-p-4LjrHyeV3QUW4.js
rules.quantcount.com/ 		160 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-4LjrHyeV3QUW4.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2aa9b0ccf31fe34e187c3b09bec7e9d8fccdeb48a5b2223d9f80df2a8790a6af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:02:58 GMT
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
802
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:45:31 GMT
server
AmazonS3
etag
"52b67ed0d6de08757c0affd0509ae576"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
cvtsRZ5R5_saxdiy7x-H7hQAE8owD6c3vd1slZOARO9-AcffCirzHg==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204952264&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204952264&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3446297%26time%3D1704204952264%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204952264&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204952264&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_mediu...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204952264&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&cookiesTest=true&liSync=true&e_ipv6=AQKLQxcx0bQkcwAAAYzKh-UnSGQSyL26oIGzAm55V6JbCHbwlAqj3bpJjEq8jk7S-7ox6TqS54e1
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 41681E861C53417A97E7CEA878B4F962 Ref B: DUS30EDGE0821 Ref C: 2024-01-02T14:15:53Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9yLa1bklF7xzGTwAlA==

Redirect headers

date
Tue, 02 Jan 2024 14:15:52 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4FCADD40D5AB4C57913EEF9CD8D319DC Ref B: FRAEDGE1112 Ref C: 2024-01-02T14:15:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204952264&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&cookiesTest=true&liSync=true&e_ipv6=AQKLQxcx0bQkcwAAAYzKh-UnSGQSyL26oIGzAm55V6JbCHbwlAqj3bpJjEq8jk7S-7ox6TqS54e1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9yLXBkaXfvadoxF4zg==
json
trc.taboola.com/1335104/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1335104/trc/3/json?tim=1704204952275&data=%7B%22id%22%3A118%2C%22ii%22%3A%22%2Fdonate-now%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1704204952264%2C%22cv%22%3A%2220231231-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%22%2C%22e%22%3A%22http%3A%2F%2Fgo.marchofdimes.org%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtruenorth-marchofdimes-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22OneTrust%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22%2CC0003%2CC0001%2CC0002%2CC0004%2C%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1704204952274%2C%22ref%22%3A%22http%3A%2F%2Fgo.marchofdimes.org%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
551d2b6788462322d7e91da4329806e55373231f3a1d4e667f68d4cbb32d4fb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
23
date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.3234375
x-fastly-to-nlb-rtt
7613
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230087-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1704204952.280830,VS0,VE23
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
js
www.googletagmanager.com/gtag/ 		207 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4144ecfa21078502c6ccd95fcf8d2e5c6cb44d98a12d22dbfeb3745eadb612f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75643
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:15:52 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1bc9a95a5a47428df5254bd2966385ee4c11cf185e7be35babfad4b4d5bb0239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80958
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:15:52 GMT
up
insight.adsrvr.org/track/ Frame E0EF 		0
60 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&upid=b8lvzxo&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Tue, 02 Jan 2024 14:15:52 GMT
server
Kestrel
1621384747882069
connect.facebook.net/signals/config/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1621384747882069?v=2.9.138&r=stable&domain=www.marchofdimes.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4bc9b49ae6ec81de78cb07234ba748e5f186b819079eca3e7e82db4690641275
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:15:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36114
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
u4Z2zBevDNdy150zThvt9CP52dm3F1Q0mdh/bxt0mdnLNHIICyZTJm0dvyssMI4paaA6puiLwbVbz1U2/yi5dg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724z8894218235&_p=1704204951738&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=978548255.1704204952&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704204952&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4255
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
25017097.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25017097.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:15:51 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 72A3450571BF4D1188F3D723896637A8 Ref B: FRAEDGE2019 Ref C: 2024-01-02T14:15:52Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25017097&tm=gtm002&Ver=2&mid=fa071cf0-c3c0-4592-be25-e05c3e22132b&sid=6f94f490a97911eeacdaf95a28117918&vid=6f951190a97911eeb3974bd644bffa72&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20Now%20%7C%20March%20of%20Dimes&p=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&r=http%3A%2F%2Fgo.marchofdimes.org%2F&lt=3666&evt=pageLoad&sv=1&rn=387675
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:15:51 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 512470056540487D849B9A1C62579AE3 Ref B: FRAEDGE2019 Ref C: 2024-01-02T14:15:52Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=08765894464711794&referrer=http%3A%2F%2Fgo.marchofdimes.org%2F&cht=ot&marketerId=00cffee659fe578dc2dfc7fa0fb839455e&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:52 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
4722eabd08004575db0d81d0f600e478
Content-Length
54
Content-Type
image/gif;
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=014268763727509848&referrer=http%3A%2F%2Fgo.marchofdimes.org%2F&marketerId=00cffee659fe578dc2dfc7fa0fb839455e&name=Add%20to%20cart&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:52 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
8b211ff227d7df5ac123d3a12b138df3
Content-Length
54
Content-Type
image/gif;
cachedClickId
tr.outbrain.com/ 		35 B
220 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00cffee659fe578dc2dfc7fa0fb839455e,00cffee659fe578dc2dfc7fa0fb839455e
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
br
X-TraceId
3fd3070e78bfa4c412be258095d183f3
Content-Length
39
Content-Type
application/javascript
00cffee659fe578dc2dfc7fa0fb839455e
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00cffee659fe578dc2dfc7fa0fb839455e
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.106.209 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-106-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:52 GMT
ob-sent-time
1704139603936
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=60
X-CC
DE
Connection
keep-alive
X-TraceId
d23c4efd7e9000602c47e2dea77593f6
Content-Length
2
Expires
Tue, 02 Jan 2024 14:16:52 GMT
4537.6416dff170ad2bc44ace.js
static.fundraiseup.com/ 		255 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225cd565a241fd2329d7fbdc32be0c9d94ac4692b5f9b507454604980a418c70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PT5EBCS9XXGR9BCH
age
1829878
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
3mw3g6ltuYzA0iSeWXIp6LFhQmHkq4vQqxbuWakxhhUIyE/lphGv6gCByr8xCb12HG1vu6ytYJg=
last-modified
Tue, 12 Dec 2023 09:38:59 GMT
server
cloudflare
etag
W/"6631e21e1b1afb4c947a250e1103a883"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD2CEVaNi2DLdIKDnR3ttkmq90Ck8k4a2UO37rErCOoruw%2FbomUX6k0yYNB2ChRwjkwBAA00cdCGrN9pY4DQ5ITgdj2BxZewx%2FNhiV53tCebhVJPnjLR03qrVTex%2BFMurh2uvHQ44pY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd83e87372f-FRA
checkout-locale5.7e0a358918592a77200a.js
static.fundraiseup.com/ 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-locale5.7e0a358918592a77200a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0759fd6bed5370e4bc3c573dedceaeef9d7b64efc7343a10d0b147ac0b04ad53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4TA0TZRRDX7XY7BT
age
18618
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Aww5YaBX2qZzkFks32BHI5cOZFwomFDCfd/pHn2jngEynBn4rIBlx31WYJ2KlJGm01HK/aZmj/M=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"56b3b76377ff34bb2c3f1fee29151d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Xmggye86rm%2FlxuM3bqzfvLoqtk7uKfq11txNjzcT6C3%2FPX4KVvpNLalLBUWZS0lmp4eiFyyiFPmn%2BewJ73WOJ54X1dv2sReQmUBicBkYr2fMTZpBAAw8P6A%2BpsgTC0IwSyduTK%2F8i8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd85e9e372f-FRA
collect
www.google-analytics.com/j/ 		3 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1510768556&t=pageview&_s=1&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&ul=en-us&de=UTF-8&dt=Donate%20Now%20%7C%20March%20of%20Dimes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=707975132&gjid=1025635994&cid=978548255.1704204952&tid=UA-219864-60&_gid=346659041.1704204952&_r=1&_slc=1&gtm=45He3bt0n81WNJ3K3Pv894218235&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1510949612
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ Frame 08EA 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
64Y1DS76JHQV9N90
age
1143942
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
53064
x-amz-id-2
THzzCgL3MuwEW+JKZcNRWJdnvRmrVdR2YNvON4Log5mZQl2oGdiS2xKmHbHT06wcSlv1v2xIoZI=
last-modified
Wed, 06 Dec 2023 09:28:26 GMT
server
cloudflare
etag
"c9e466876957e9d2128f63b225a81ae3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Isy8GOwGN%2BoWypIXrVwPy4yg3n0pB19qIGF5VvQrVCyUSlE76chxzP9MbNPJjI8qtFH3EGIG6w45ZnghoZQdITeUfPmdOcUFgQEz14Oh8%2BIOufebfuXxsXN36rpi1kcDoWXu47rCONA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39dd8ec0f30d6-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ Frame 08EA 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9ZNX7YDYWWHBJFA0
age
2343248
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56996
x-amz-id-2
tvdG8ufASCs6EyEROLJzSh+js3mWzQKRVjRu6MNNt9/nXGTH/4ieyXe3RYsd39+ItW3Iul81QIU=
last-modified
Wed, 06 Dec 2023 09:28:25 GMT
server
cloudflare
etag
"643ad5d92cd7c31076790077c3003abc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgoubgOgwg%2FFBwGThLTVyNfvH6HnEdaOv%2F%2Bz0b7RKKZhWXZ6vNDwcMORz09Ovnt8JMeKzPXYQWTDkjKDJS5Ab0zFGFlTll7FOb5UG8fEigvNU8XNs0WwffYvRAoln7Q%2B2GDXP%2B1wEa0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39dd8ec0d30d6-FRA
/
js.stripe.com/v3/ Frame F10A 		579 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
6
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:47:17 GMT
server
Cloudfront
etag
W/"4ec63ff996d5aa25b29f0a90d2021ae0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
pxznRnE7M4wRXS_09nO_1xKjKe60RDflnv8vGE1yVaJ8MZ9iVHwJ1A==
/
js.stripe.com/v3/ 		579 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
6
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:47:17 GMT
server
Cloudfront
etag
W/"4ec63ff996d5aa25b29f0a90d2021ae0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
j892O6as5G8apLb5H9WGujTGXtObUJ_hLPhzOesNQMFXcvzNsNOoYg==
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Tue, 02 Jan 2024 14:15:52 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
321
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-eddf8230087-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1704204952.432939,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
63
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
2300
pixel;r=778292010;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dma...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=778292010;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA;ref=http%3A%2F%2Fgo.marchofdimes.org%2F;uht=2;fpan=1;fpa=P0-1907927646-1704204952261;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=marchofdimes.org;dst=1;et=1704204952420;tzo=-60;ogl=type.Page%2Ctitle.Donate%20Now%2Cdescription.March%20of%20Dimes%20donations%20go%20towards%20lifesaving%20research%20and%20advocating%20policies%20%2Cimage.https%3A%2F%2Fwww%252Emarchofdimes%252Eorg%2Fsites%2Fdefault%2Ffiles%2F2022-11%2FJAJEES_v2%252Ejpg;ses=46df80b5-b7c8-46ca-bd74-91cc28d23e29;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=924843908693?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 03:36:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 03:36:07 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstzZ73zOJyAwVArVdxSBpgdBXViXjd_p-idHyKtXGZu6bN24wj1vMZUW42gIZKMQm0kuFLPf7flf7wG33BSZ8-09XFuG5_DRQsWoAuWu0DRgGHdjgKqRZonSjsRY3y3zvKgM99xGUq80tiWzxtD_MEtOII-mA&sai=AMfl-YTxZBgEd6q-Gy5aNozkBwCW-kEXVVbOvbovQnvyhF39EfCFrAaM1Q0aIlhBYHscnzgshM41jKdfuyzL0GA&sig=Cg0ArKJSzFVcaNgUDkJ2EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20231207.06026&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=924843908693?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 02 Jan 2024 14:15:52 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1621384747882069&ev=PageView&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&rl=http%3A%2F%2Fgo.marchofdimes.org%2F&if=false&ts=1704204952429&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1704204952428.863585066&ler=other&it=1704204952301&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:15:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/?random=1704204952438&cv=11&fst=1704204952438&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&auid=1575397271.1704204952&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
feece42caba667125295d9bb9eaede032f1af2209f7e1ec2e09965074d449605
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1543
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/?random=1704204952455&cv=11&fst=1704204952455&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&auid=1575397271.1704204952&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f165b99a606b17d7e7414ec0b6b4cab7938d115ff690819d678548f70b0501c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1541
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
secure.adnxs.com/ Frame 67B4
Redirect Chain
  • https://secure.adnxs.com/px?id=1282070&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
an-x-request-uuid
e8952890-fed5-404c-a58a-3a462bcc2576
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
an-x-request-uuid
74275943-b9f7-45ac-9cf4-1918d13c5913
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 67B4
Redirect Chain
  • https://ib.adnxs.com/seg?add=22494154
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
an-x-request-uuid
c4052ce2-1bf9-40e3-b90a-696aa9eaba76
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
an-x-request-uuid
21fccbef-1756-4c5b-9a84-c8b3e8932697
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
x-proxy-origin
178.162.209.132; 178.162.209.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
adservice.google.com/ddm/fls/z/ Frame 67B4 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
ad.ipredictive.com/d/track/ Frame 470B 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&val=&tn=1362016926338&cache_buster=[timestamp]&ps=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.238.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-238-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:52 GMT
Connection
keep-alive
X-CI-RTID
42d98e5c-74c7-4c98-9600-0ac7aeecfc20
Content-Length
0
p
e.acuityplatform.com/ Frame 470B 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.acuityplatform.com/p?pk=9020304230610356278&pg=26254
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.122.94 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
Pixels
px.adentifi.com/ Frame 470B 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adentifi.com/Pixels?a_id=3405;uq=1554621548;
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.44.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-44-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
ld.js
dynamic.criteo.com/js/ld/ Frame 470B 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=81237
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
adservice.google.com/ddm/fls/z/ Frame 470B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 67B4 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=75533
accept-ranges
bytes
content-length
15541
bat.js
bat.bing.com/ Frame 67B4 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:15:51 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 24B59B20B5DB4EDAB5E4848BE8ED866B Ref B: FRAEDGE2019 Ref C: 2024-01-02T14:15:52Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
quant.js
secure.quantserve.com/ Frame 67B4 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:15:52 GMT
events.js
tags.srv.stackadapt.com/ Frame 470B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d557d084bb45b79e6c03776d4d1a74c4af7706d68df16bffecf2b1b5e15849f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:52 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
bat.js
bat.bing.com/ Frame 470B 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:15:51 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 831497850E3D4EBC9D94D20302371471 Ref B: FRAEDGE2019 Ref C: 2024-01-02T14:15:52Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
quant.js
secure.quantserve.com/ Frame 470B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:15:52 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 470B 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:15:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
5okiSvmZ1TA7bSg8WFJ2gmoCU+wzO+FfZF5qPvXn8tQdaTb5UM+G5x/D8ijWMKH0T3cWBn9qg0uk7Tacts8zBw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
event
ad.ipredictive.com/d/track/ Frame 0305 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&cache_buster=1704204952&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&val=undefined&tn=undefined&p1=gtm.js
Requested by
Host: js.ipredictive.com
URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.238.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-238-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 14:15:52 GMT
X-CI-RTID
04164aea-741d-44ff-8092-addcf1ee9627
main.MWNkZmM2YTcxMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		420 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.110.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-110-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8eeb23a1dcd42802d5d861556c6ae4848a05fd28cd22bb8ed884015b62eefd9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
38ac00e1
date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231221122557B0C06063F2877307F823
x-tt-trace-id
00-231221122557B0C06063F2877307F823-17117D0A9153B644-00
vary
Accept-Encoding
x-cache
TCP_HIT from a2-16-110-63.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01bba33847c0b7cb55402c06a805594009348c70a991317ddd22ed3c0f5764dcbfe8d922334dc0f8c61a982af5a75709cd033dc29500543ed3a9f54549cf5fb9a004353c06da47ee4151eeb39765cf103c80f8a24aff157af29b95d52559fb6ec0
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length
112322
/
sentry.fundraiseup.com/api/9/envelope/ 		2 B
165 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.fundraiseup.com/api/9/envelope/?sentry_key=e4f08d23cf4e4dd080d8b4853ea3f102&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
40.160.4.235 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.marchofdimes.org
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
date
Tue, 02 Jan 2024 14:15:52 GMT
server
Caddy, nginx
content-length
2
vary
Origin
content-type
application/json
/
pips.taboola.com/ 		64 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
6bc9933cf1275da02fd11435520dee63def1c7e8f1c2be9f1e53d2a6e42279fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230095-FRA
date
Tue, 02 Jan 2024 14:15:52 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=005975000371708172&referrer=http%3A%2F%2Fgo.marchofdimes.org%2F&marketerId=00cffee659fe578dc2dfc7fa0fb839455e&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:52 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
9a07ebdb08f6e2870737dd66c2f106fd
Content-Length
54
Content-Type
image/gif;
4149.32a922016f7e5178a83a.js
static.fundraiseup.com/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4149.32a922016f7e5178a83a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
564997debc20f446a4f38720248e1dbaaaa15ee5e40de23c946a0af7aadc6b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3E06S1657JWYXZ9J
age
1057366
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
uxclCEqBiLxL4AeiRIGRzGGT1veEQnN3T/BFgA+AAlwSHRnKs5LMJS3XwXXoiXFgsabLJyLOAMI=
last-modified
Thu, 21 Dec 2023 08:15:26 GMT
server
cloudflare
etag
W/"445f9c6560ac0fc0117d54656e7319fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzkzTJ6bvgUtDkmn789cu6xiaZxQQvncxB4GvcdOQ5ev6qgZiuz8CIkqnBA4oKWEjc7oPtzEIObq90YCs238xj6Vg7rD0RGUqZFCZwychx3n65hqLIX2Yh1%2Fy5Wi40h%2BwE%2FPyFHFul4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd93fb1372f-FRA
109.85cdd6cd186cb7f30f03.js
static.fundraiseup.com/ 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/109.85cdd6cd186cb7f30f03.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f9e60e6bf41a5af731690552807e6e4ca7be8994fd8804b9cf15592d3ef5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7K100Q83J3ZPGR0B
age
971006
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IimgcFOBRlZRjWVYgq50ivWwdYXuRs8OCFJLhhZgWZP/NblJWfz2FfO/JZARKIuGM934kUrLOVc=
last-modified
Fri, 22 Dec 2023 08:14:13 GMT
server
cloudflare
etag
W/"85e49c2822c4eaabf5554ff2a96c10c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnPUEjrlLSmo9oHcyMkWLio7k4gZ6aciU%2Fle8fyU0a3bPbQzkr1DoULtskbvOhMpTra8L8j7n%2B6ya%2FpWjsEGqCr7QnEunXxKiD0t41W9zCqoJ8fQjaS5k69eOfxv3ZmFVTZXOLgYOjk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd93fb2372f-FRA
4022.1aa6f4635e0102fe80c7.js
static.fundraiseup.com/ 		170 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4022.1aa6f4635e0102fe80c7.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f92dcc7494187b5787cabe4834de25f4502ff2aa4228956b919785118df04d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4BHD0GWBTFKFZDMP
age
18687
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
MUEN7TrTDg5Yhpc67N+CgjeuAlgVPYLw0wgYrzd0R2upoBBQmLqqnZDQZD+pnM/8Wpp/2LMWEQI=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"3ff165845b9f2369bd1e145b654836f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BiDbdA1ilRjdv949%2FBh2p3tzJl5RJlE83WQOg3ulO3eQ%2BGvlV%2ByHyopXIPccP7atVVPE2rILs5VxdY4E%2B3Fy0WXVyItm5zOQW%2FCnyQfocJsKUzIs2QHhGSBHqJqrJ0Je%2Fuv7eRM4sVU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dd93fb5372f-FRA
/
a2.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=746536189417&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00...
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=746536189417&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312...
850 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=746536189417&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Server
185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e46fc9b808a314306814560c5c41ba2ca0a9b78ee120d381c3ac4608c59316d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
693
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=746536189417&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
collect
px4.ads.linkedin.com/ Frame 67B4
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204952550&url=https%3A%2F%2Fwww.marchofdimes.org%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2179642%26time%3D1704204952550%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204952550&url=https%3A%2F%2Fwww.marchofdimes.org%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204952550&url=https%3A%2F%2Fwww.marchofdimes.org%2F&liSync=true&e_ipv6=AQJpBwjXq3-BBwAAAYzKh-XOciUnr11-Us-G5gAqRpf_ET0Si_SQv5kEl...
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204952550&url=https%3A%2F%2Fwww.marchofdimes.org%2F&liSync=true&e_ipv6=AQJpBwjXq3-BBwAAAYzKh-XOciUnr11-Us-G5gAqRpf_ET0Si_SQv5kElRYPZioGVWcw8FW7AUYb
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: C8CBD8CBD9CA43459D0BD4A51E28A7A6 Ref B: DUS30EDGE0821 Ref C: 2024-01-02T14:15:53Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9yLbhpsYG1yBn0fsPg==

Redirect headers

date
Tue, 02 Jan 2024 14:15:53 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 31AD48A84DE8494491FCDD79B912179A Ref B: FRAEDGE1112 Ref C: 2024-01-02T14:15:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204952550&url=https%3A%2F%2Fwww.marchofdimes.org%2F&liSync=true&e_ipv6=AQJpBwjXq3-BBwAAAYzKh-XOciUnr11-Us-G5gAqRpf_ET0Si_SQv5kElRYPZioGVWcw8FW7AUYb
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9yLZihqG/lCLzpM/CQ==
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame 67B4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2564
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
KtDuhiHENSWdbMappdiPId4RaSEESHwFAiJa9Pjnin22ihvR8igtEg==
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame 470B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2564
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
j70o5TPDZfDuqnA5KMgpkQZ4z888PwToJn-1cWkk6VdTnOcifp6rQA==
812396462484872
connect.facebook.net/signals/config/ Frame 470B 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/812396462484872?v=2.9.138&r=stable&domain=www.marchofdimes.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:15:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35834
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
kO5v6fijQrXafjjxGWTvvNfWfc5NU8IxUPLR3GfCUmJx8l6ep05N0zqZizK6ufGL2kcyeBStfpWbwOJ2RjumDw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
25042596.js
bat.bing.com/p/action/ Frame 470B 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:15:51 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2236BA6AE5004C5CAC092F2C0E398622 Ref B: FRAEDGE2019 Ref C: 2024-01-02T14:15:52Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 470B 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=3e50f3fc-48b6-4394-9ab1-e72178625953&sid=6fb99de0a97911ee93fd3fd4528cb3c1&vid=6fb9c090a97911eeb6d57d5c5ccb814a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.marchofdimes.org%2F&r=&lt=313&evt=pageLoad&ifm=1&sv=1&rn=965757
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:15:51 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B931BDED8B224A6A942113BAE4C4D4DD Ref B: FRAEDGE2019 Ref C: 2024-01-02T14:15:52Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
25042596.js
bat.bing.com/p/action/ Frame 67B4 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:15:51 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1AAE622DBA83414BB3042AA003EED261 Ref B: FRAEDGE2019 Ref C: 2024-01-02T14:15:52Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 67B4 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=c0dcd90b-3164-4fe5-95c2-a90d730bd63f&sid=6fb99de0a97911ee93fd3fd4528cb3c1&vid=6fb9c090a97911eeb6d57d5c5ccb814a&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.marchofdimes.org%2F&r=&lt=315&evt=pageLoad&ifm=1&sv=1&rn=822965
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:15:51 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7AE5BD71B7CF43EA98B476B63D348196 Ref B: FRAEDGE2019 Ref C: 2024-01-02T14:15:52Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=2027770787;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNy1uJbyvoMDFenIOwId5_UFig%3Bsrc%3D8832015%3Btype%3Drt...
pixel.quantserve.com/ Frame 67B4 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2027770787;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNy1uJbyvoMDFenIOwId5_UFig%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Drt_bs0%3Bord%3D9121270571038%3Bauiddc%3D1575397271.1704204952%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA%3F;ref=https%3A%2F%2Fwww.marchofdimes.org%2F;uht=2;fpan=1;fpa=P0-1068998617-1704204952553;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204952621;tzo=-60;ogl=;ses=41afa93e-0ca2-4f87-a2d4-7aa1c80d146c;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CNy1uJbyvoMDFenIOwId5_UFig;src=8832015;type=rt;cat=rt_bs0;ord=9121270571038;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=1182669835;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIKxuJbyvoMDFV3JOwId05IL8w%3Bsrc%3D8832015%3Btype%3Drt...
pixel.quantserve.com/ Frame 470B 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1182669835;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIKxuJbyvoMDFV3JOwId05IL8w%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D1362016926338%3Bauiddc%3D1575397271.1704204952%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA%3F;ref=https%3A%2F%2Fwww.marchofdimes.org%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1042807591-1704204952555;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204952624;tzo=-60;ogl=;ses=41afa93e-0ca2-4f87-a2d4-7aa1c80d146c;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
1475256470672328150
api.fundraiseup.com/paymentSession/ 		578 B
922 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/paymentSession/1475256470672328150
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff02af5e5776f8284ea202d7f0337c3a38324f1590d317207514c564b22e9bb3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
content-security-policy
frame-ancestors 'self' fundraiseup.com
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
x-response-time
276ms
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DevnTqkhxERwC5lWEX5XaE9Ya3E2JNC4PpNlJqVKxAdQ9lZh82IIcSmOm60DpvN1%2FPUZ8x%2BiThz%2FqtDZxsVy4dNcMtAJnlXJ4ywhkjGtzQSNGwLrPlmTJr6aIX5PWWd2Pl3c%2B0A%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83f39dda28e3372f-FRA
expires
0
5021.69a8a47ee2972d7403b1.js
static.fundraiseup.com/ 		253 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/5021.69a8a47ee2972d7403b1.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6432a66c7d8240059ca76b571620dd0f54b4d3a5dc05fccf8cff7c8304bc9493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KHN27Z1109N5TZ0X
age
283252
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yoDNNROVaeK+KyQahsxI40Riep/BjDLQzjz7WDpSbAXM4VmbvVP9a/xQAmys51+y6Gle++dqJUs=
last-modified
Wed, 29 Nov 2023 14:59:27 GMT
server
cloudflare
etag
W/"d4f127ab7620fb2bfb2e93a462d59163"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmfIPaa0XYv6pVGOabpQdtR7zD5fWZylsIAC3cA9Czjz15Fa3CqmrZ%2B4gE17xypUZUxqZ48hku45a%2FFp3qkn9K9pwd2rHYoADaRUXebhrYNHGrVDuWQxR%2Fr9uhpxjB8pD7qgKUyjSxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dda28e7372f-FRA
4365.3c47b14cec912f3f2597.js
static.fundraiseup.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4365.3c47b14cec912f3f2597.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69c942423058ca7c0d54a661d67cded9d06b9f030dd45e434bcc72cd150e7e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H1Z3T3JBNE8ZPW7C
age
1315758
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pyeKPQzxOXGzJ/l2A21cBmmPl85Sohcl2NzKHZUZp3z8/ohsdRhjncYNeZ+zQdNpQVi5vcXEi9g=
last-modified
Mon, 18 Dec 2023 08:17:57 GMT
server
cloudflare
etag
W/"e235a91c7b1026c12729b0ccc59690b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Q40BD0d1ktxTbMNcjI4VF%2FNmPDdlYla%2FFBDJNSbtOAjEqjwnhbt7rGapCYUqA2hcpH%2F9maNWMSqmcY7AG5e4Fdciz28dMo9zGXmU6IrCklT%2B7%2FXR5OHOumYOjiQ3%2BpHv6N71%2FLGxmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dda28e8372f-FRA
9722.efb7c58e3e474cbf152b.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9722.efb7c58e3e474cbf152b.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55934d27fdb4a14ddc59cac40e940a9c8100acc76c156e9be5f3b9c0dff6569f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Q3RMZ5S1Y2VMDHPM
age
362022
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
UGf0FeYHr6RCLHS2+PeNIoXGd86kqYTOChj6p9sX5cMmeqMgE77S4bNUNDya1uHCXpeKQpl6SJg=
last-modified
Fri, 29 Dec 2023 09:23:31 GMT
server
cloudflare
etag
W/"ee5cbbfe6c1f87870f508d95c1085e92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WEEG3zd3%2FoO3XT8Yojh1BxGHkAh9Zdxbx34esem8piLbBp2EbPZU3PV0Erf%2B6XNJlFk1VQtxg6AJtVmFQ8I1UEedMehuh4zJR%2FqLLzbX%2BHQ0PQp77%2Fcg6OKFqevk1kLUe8WZ%2F8CSME%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dda38f9372f-FRA
6267.5aa879fe84868b48faf9.js
static.fundraiseup.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/6267.5aa879fe84868b48faf9.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2e62deea90ad8ea208037abde538d6100d5a3efce136c89e64a80c1b1c6b07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
N4W91XF6R40ZV97H
age
971005
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
na7dnXt1csz1FVSwoTIPfz3r3mioeC7v/E+Ru7bQNLEpfp5SAVw8HI5oRrMe4ZVdvgeuDkC/4CI=
last-modified
Fri, 22 Dec 2023 08:14:28 GMT
server
cloudflare
etag
W/"fd37e6df21da71bc4f7e20d1d5c66776"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5L9vVm4S3ge3PYDfVKMBrrCsghUDmTf26ka8E0ODs2JAoaWJ74yWyKO9I1AR8uP8JXhDp%2F63MVfI%2BOO30ZgoMaIH9vrGVK3yJNj6ipT51hQLwctL89RY5iYnCtiDMeHLlcc92nvmSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dda38fc372f-FRA
1546.acd6010561bea827780c.js
static.fundraiseup.com/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1546.acd6010561bea827780c.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4660c763169716a38ee1153d2cc4eca87ca421195d67bd89ea964b10bfbacac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZMV4AT09ZX8QYC
age
18687
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2k/vmYZ7r+GXxGrB/Gd+EMkq1+sNnpjZJ0Zk4y1SJ81dId7d9BFo1da2APLfy+yJD9ZmWQSwpYM=
last-modified
Tue, 02 Jan 2024 08:46:51 GMT
server
cloudflare
etag
W/"61b4f037d3e70607ce2de6911ed45e37"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydkoDjNZKvVQ2MaX%2Fp7DjYrxfBD2tb822uTOPI72GGSZOXLtSJrhmvTMAGiQLnaEheVi0seYTvBxFgwch2k3NH9UeXoWar%2F%2F7wmKVL8E9Y6RmDQG%2FN2xE2OOlwVN16SeoOlL8P2eEo0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39dda38ff372f-FRA
/
www.facebook.com/tr/ Frame 470B 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=812396462484872&ev=PageView&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIKxuJbyvoMDFV3JOwId05IL8w%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D1362016926338%3Bauiddc%3D1575397271.1704204952%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA%3F&rl=https%3A%2F%2Fwww.marchofdimes.org%2F&if=true&ts=1704204952666&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1704204952558&coo=false&rqm=GET
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CIKxuJbyvoMDFV3JOwId05IL8w;src=8832015;type=rt;cat=donforms;ord=1362016926338;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:15:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
js
www.paypal.com/sdk/ Frame F10A 		293 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2972ea87cd5c4adceba0baf8d735c0dae6512fd7bb276586f5ef9b707b2cde92
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Tue, 02 Jan 2024 14:15:52 GMT
age
264
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f3766499c2a02
server-timing
"traceparent;desc="00-0000000000000000000f3766499c2a02-44d7377aebae13af-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
79959
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230116-FRA, cache-fra-eddf8230116-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f3766499c2a02-e9ceeb38f897edc7-01
x-timer
S1704204953.762351,VS0,VE5
etag
W/"13857-AG4O1rLG9TW0jCSwL9/a1psyNB4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
2, 0
identify_ce767.js
analytics.tiktok.com/i18n/pixel/static/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce767.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.110.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-110-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
38ac018f
date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231221122559548CF9DDA8C573DF3F53
x-tt-trace-id
00-231221122559548CF9DDA8C573DF3F53-1ECA914B8D78734F-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-16-110-63.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
017169f4e91d4ca6d4abd2b11d25c6de473d27985c99fa43a27a65d0ca3f6a6e04b7497ea077c3cae0f3365d5ee202f711c8db0af079010ad8c2baf9c2a316f61d52f9240c86906b98618bcf5f838a877444aabc5d3c413d7945ef90c0d4e16022
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
content-length
36188
pixel
analytics.tiktok.com/api/v2/ 		0
840 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.110.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-110-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
cdb51b3d.38ac01f4
date
Tue, 02 Jan 2024 14:15:52 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401021415525D13AAC1B83BEF637B3F-4E98F795FC7F92D9-00
x-cache
TCP_MISS from a2-16-110-63.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
126,2.16.110.63
server-timing
cdn-cache; desc=MISS, edge; dur=100, origin; dur=37, inner; dur=34
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202401021415525D13AAC1B83BEF637B3F
x-cache-remote
TCP_MISS from a23-48-100-69.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
37,23.48.100.69
x-tt-trace-host
0165e47387a63d2aa752b09d3ce4dcb185914b232de2858eeb228747cd424aabcb43e86b3fe32ca140b2553ea4d9c2ed8972f91ad27703e5c3d3031f5bbdd05b77f7b7cd912b47e1dda945bc7b74d05c97cd9468560628e2949f5c7b395e643c843cd08feeb97eb1865e0ecd5a7a5cd442
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:15:52 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
700 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.110.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-110-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
38ac01f5
date
Tue, 02 Jan 2024 14:15:52 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240102141552CD6F5DFF9CEE6F92F004-4EA66BD1CB457598-00
x-cache
TCP_MISS from a2-16-110-63.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=50, cdn-cache; desc=MISS, edge; dur=9, origin; dur=139
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240102141552CD6F5DFF9CEE6F92F004
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
139,2.16.110.63
x-tt-trace-host
0165e47387a63d2aa752b09d3ce4dcb1854a83302e1704b8fb51f9e20a356e49d06ece1b110a6ead8295a9ee64d201faee08d567cc67c880ab608dc2ca7f047b33fb1375c8d9840620a6c79ed0e2831ff2b4b41db158c3c7584ef6ab61d1fa8a51
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:15:52 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=e1aee152-0055-49e7-96fe-f14524b3fdd5-tuctc8da018&uad=0ecdd1c67e2f0f4c370f118e55269664f8221cd4107973408c9c691594218fd3&mbl=ZmFsc2U=
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
no-store
server
nginx
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 8A55 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2682
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:31:11 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-amz-cf-id
pjQavQIA7wQ-gfHPXgcZAjoEV-l-qYCl36NxphoKFGN7IVdypskkuA==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-a8db3be7204dff5e963b6f0fd5121b28.html
js.stripe.com/v3/ Frame 898E 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
15
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:38 GMT
etag
"a8db3be7204dff5e963b6f0fd5121b28"
last-modified
Fri, 22 Dec 2023 21:08:02 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-amz-cf-id
el_QbsOsSWkLzLPAMYUd-09Se1EwyIV0pJrxbNJeh8uk1uHyrrX48g==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame BAF9 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2682
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:31:11 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-amz-cf-id
w5MGms6RabFB5idokfSMDBrADloozHItTaCZrdMPU7mh0pmYNq46Rg==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-a8db3be7204dff5e963b6f0fd5121b28.html
js.stripe.com/v3/ Frame 763C 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
15
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:38 GMT
etag
"a8db3be7204dff5e963b6f0fd5121b28"
last-modified
Fri, 22 Dec 2023 21:08:02 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-amz-cf-id
An9WclzuFM-ynswFLxOlGxJwsKCb-Ixp6xbjkMH0M7e9rJszVkpDFA==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
syncframe
gum.criteo.com/ Frame C3C1 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=81237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:52 GMT
server
Kestrel
server-processing-duration-in-ticks
420299
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
/
www.google.com/pagead/1p-user-list/1071894384/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1071894384/?random=1704204952438&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_d-BhSxJ6OjNTQmwBdyRscWfYUk9RQ4OGuYKebLz8NDvAUgQs&random=896267798&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1071894384/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1071894384/?random=1704204952438&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_d-BhSxJ6OjNTQmwBdyRscWfYUk9RQ4OGuYKebLz8NDvAUgQs&random=896267798&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/794610601/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/794610601/?random=1704204952455&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_M1so-DHNQLgFaLgixpjmQgxDPAwJGHu6YnFggdAMdWKBVJjC&random=4214003293&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/794610601/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/794610601/?random=1704204952455&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_M1so-DHNQLgFaLgixpjmQgxDPAwJGHu6YnFggdAMdWKBVJjC&random=4214003293&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sa.css
tags.srv.stackadapt.com/ Frame 470B 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6514b472d22e99c9ff9fd09d7cb73046b276a1fbc114a71b09972897909c42a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:52 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ Frame 470B 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:52 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 8A55 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:13 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2681
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
AfUFCOCfSih9nzHIr4sVyQh87HclhM5f_4oZsrkye4Lq1vOWyRjAnA==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 898E 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:09 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2266
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
-HKYNaa-M9hdJBiyVLsG3-RwkZJrcn00EkfLvBxhIMDVKbePzinI-g==
controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
js.stripe.com/v3/fingerprinted/js/ Frame 898E 		688 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:41:58 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2035
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"5ce54273e9cefa73649bdfcbf46e58d4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
xOuoGEta6QDUK8zNs4izJt0GRyKWKR4gn1d0pnVNZAWJDkGNwXoiNA==
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame BAF9 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:13 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2681
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
vqQ8j81wlJ-zrx3bjkYYAXseixrANS8g037jvpB9U1Ir1o2V_nrpxg==
activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafv...
8832015.fls.doubleclick.net/ Frame B987
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;ua...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f6.1e100.net
Software
cafe /
Resource Hash
d4eb6180b5107f5ec5cd73a858d470b0e2ee8671a4730e67ebcd73fabe0edb39
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1762
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:53 GMT
expires
Tue, 02 Jan 2024 14:15:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724&_p=1704204951738&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=978548255.1704204952&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704204952&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=scroll&epn.percent_scrolled=90&_et=29&tfd=4811
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tb
fndrsp.net/ 		2 B
281 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0l5Ngl0rJEojTKE3lyEi6hvoQd9%2FQ0WAvlbJcpZJtnD19O%2Fww7RPPHBORPKL25eCGyU4Aa341VEtTdVGAlf3MBkyGbmP2McmLhmdDW0UvPZoq1fkjvYMo1Nc4ZD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39ddc0fc4171e-SJC
alt-svc
h3=":443"; ma=86400
tb
fndrsp-checkout.net/ 		2 B
501 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFI%2FP0gAGUQLVv9L2IEq1JBuTTgAqAXbxXVUZ5lwkPzKj8vky9cyGeKgFoAw3XDBKNlWXTaRVQhX8yQl5AwJZN2nhQbLJCW3wvnSjoBWcXB%2FkseBpgkozS90lTqXmNbOujM5V6EI"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39ddc381e2c1e-FRA
alt-svc
h3=":443"; ma=86400
csp-report
q.stripe.com/ Frame 8A55 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953567142
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953566399
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 8A55 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953567118
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953566336
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 898E 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953566870
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953566296
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame BAF9 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953566603
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953566093
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame BAF9 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953566339
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953566065
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
2612.328ca5ce35bb1bd7dfef.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2612.328ca5ce35bb1bd7dfef.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
337738b644c1b01e37308c9026995b63c20387f9bc8f219cb99f72eb3b23f35c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MZAJQ3WKR2Z77536
age
971005
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
gvmqfF7nktcOU6OXoeHtRc2Txo8MRoq3Hvz3vuO2ppclLiSrR+di2u8cGTZxHlS94Dk9lrbyP8U=
last-modified
Fri, 22 Dec 2023 08:14:19 GMT
server
cloudflare
etag
W/"72585859f7005322a24f55039d6502e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uq1qiEIAIPyFRtaQ4yICM3TkhbVr1DHy7FRPzdi4tWe1OnSJSXDIWELhwbBfsLicUU7SG6PRiVqtPz792SlpiBB1ClLohfKCTo7yumLiyvfIvpzIm4DaXQVbr3kD1HKwfn1sCDybxLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaad0372f-FRA
9317.8347c21dba66a3c8e00f.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9317.8347c21dba66a3c8e00f.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23098142daf44c1cb7d244684146fb6ecb0568274118ae3f62cef67034551ef2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5AN0P5WV2DJPMTPA
age
446090
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6oVt341UDBypRNFueOB2LyfUROi0/Bdw7gBNjFz5mu1QcaoQz8YG0BUHo0lH8PyJ8hJ7aBksCjA=
last-modified
Thu, 28 Dec 2023 09:56:39 GMT
server
cloudflare
etag
W/"cb3cf711444477b5098e7015fbbf15ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAQXaEeaMJXGZ4V7zHx9KSSApxPLERUHwc1TRZF1JgvQqai%2F4ylIgZkBwq3e0pfjHD9Rg42K5bBTzQF0WYWL%2Bwfibte0xafvTN4C7UCJE1pe7fwzfB4%2FYvMscWgAysvCU5tFwXvPSW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaad1372f-FRA
3881.cbc277ee4db5221fc545.js
static.fundraiseup.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3881.cbc277ee4db5221fc545.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8cd06506717ca4b233b2fd62746d5a39c9230b4ea3c4bb56206edf928ed8d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
880PGD6549C94DW8
age
18687
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pSEoew635YflmBVqBaK6olJhMbYcixootbJjLqRt8nnajJ05UKekU5PT4TLJpw/dTssheuRb0KY=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"d3787c003b65e006808cbd3b22d515d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HNPs1RTpjx1KPZV9vGWULPuGurM3Td5MWT8%2FHbJ6Hf0fAzn77X6j2jOUBBa8%2F45%2Fj6Twzsbvc4TJlDeAPa39rK1jEtWyd5kWAXKaJc62M3y%2BhXYnsUOSV7CNqOtzKiyDl%2FOkD6vX48%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaad2372f-FRA
8443.30652bd12c39ddd0d48e.js
static.fundraiseup.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8443.30652bd12c39ddd0d48e.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e7f6cd883b421b03d88891e93891fc89bd7e4cde0266009f72250f0092302aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZVXJ9V8PMAVE17
age
18687
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
vRs2QIAMdn8GjVIqigaHemOaVZAcZKMYZ6K2KU02G46/hsB8TJ3hHylBv7uDBRPFJOw5NfdTDc0=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"188752fb24105ced13abb937e1252dd7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVCIHqFmvvVnDOjtMHv1Bm1OVnc6YHgGTVPNt%2BDed2FlYRKgf3I%2BgR2%2BetBmpZ5u%2Bm6oLZCjVs%2Fu%2Fe%2Fcr%2FEC%2By6rOsD3M4qlUdM0IrQhlziGJVsQVymRafDxUk9RD2pl4bTzsvCdp14%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaad5372f-FRA
/
ucarecdn.com/16dee98c-4cc2-442e-a7a3-f895f7d22227/-/resize/470x/-/format/auto/ Frame F10A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ucarecdn.com/16dee98c-4cc2-442e-a7a3-f895f7d22227/-/resize/470x/-/format/auto/
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
9516e1c23610840cf3f86fc18968a997a2af08e5f42e0093013f0836285d30bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
x-image-width
470
server
Uploadcare
etag
"997f30d9a41e015338e681fdb6747621"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556620
content-disposition
inline
x-image-height
263
content-length
11427
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame F10A 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z88M5C95290ZS9JB
age
88969
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56996
x-amz-id-2
Uugef4xm+S6rmp5sDYtw86g7rgqTt2rKRU304eRVf2pU3mvVjNvCmDzjay/W8LyZhRMaeZGPAFg=
last-modified
Tue, 26 Dec 2023 08:53:50 GMT
server
cloudflare
etag
"643ad5d92cd7c31076790077c3003abc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVwVzvDBgxo8gdrwuIkPLwoKXv0tacaSl%2FyHz%2BYMGH%2FC9NnMh5ow7o2RfqxqVnZ7PLUXZKxXBxR9BCSUzpdHSVnqYIrbC8KnrwebfeZVr5jnwysG3Mj0mOkG4d7cTokE9JU%2FL11%2FgC0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39ddbaf8030d6-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame F10A 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6EYJBPJ2VNBHCM6D
age
28604
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
53064
x-amz-id-2
6PBJe28QnhL5geaXNKPhdZapO53++6Ud6mmFkwr0OgUFLSqmz39BXbavQIQVMv78t0NkRUUdU3M=
last-modified
Wed, 20 Dec 2023 14:31:09 GMT
server
cloudflare
etag
"c9e466876957e9d2128f63b225a81ae3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqWStWF9S157RTTM6L5AGbhu8AK3X91kxjxkSQQyzRqq3p%2FjLFu7aE%2B%2F%2FMKq3ppMtmcAWLk6aYrDK%2B7e7ychr3ZHLKgahuk%2FO8WEpdTkX3ivF6kW1LS%2FExkaOc5CevdcVLniczf6kpw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39ddbaf8130d6-FRA
4308.267ae83b72a737d61bc8.js
static.fundraiseup.com/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4308.267ae83b72a737d61bc8.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e7a944adcb9d32eaf4e2f6e85cb7d1f9029b74de22ad7ff2d46ef82b189c95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZYH264852YZ9DK
age
18687
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nDC7Cq7Mr+Zn04oXI1y/tAEx8sD8Yww18TArSyzm3zUwxgGOIA6cCL+QXOuq7Duk2Gx632eydrY=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"d17d932280bf77e59d50820c420d7365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLBm2p26HNCOlJ5yldMK2Py4QiGwQ102wawu9MDf9UlUYdAtzmrdzdn0FDbKt7Ik0DDpKC18PYlCTJ4QdpOGsNpFNAOSg3zUhZSlk6SRcWNcrYVbAk9sSzQ3UDITn7s4hg8En5zpRpE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaad8372f-FRA
4798.a2fa7f6bbb792b2fa1f0.js
static.fundraiseup.com/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4798.a2fa7f6bbb792b2fa1f0.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9d8e18a3cec3afcf01338e9a26209eeb89e3d0eaf97f0d5298f039776ffc8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MZASJ5MFEC1B4QF2
age
971005
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oA4UpXqkbqI+Z6SmMLgS0rjqIdxTr07ojyzVDJKetuDyqQQB1XfCUpwv05Yhf//jZtEp+jQy0mg=
last-modified
Fri, 22 Dec 2023 08:14:26 GMT
server
cloudflare
etag
W/"813c3e21463a5fb18a4652af2d6e3a0d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XTqOgaVGlyNLuUtZZK7tdzrkOnZjlch42FT9CEaJSHxVWPbqs5ZaqLqlz5or8ojWW89wLldflFikkXK872e57h5u7BEUQ%2BMGFYgOTMA67G1jYCyU3kzLAQs7VSrW%2FtH%2BRYZ77HY%2FS0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaad9372f-FRA
7470.5c849ae41dfa76a30134.js
static.fundraiseup.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7470.5c849ae41dfa76a30134.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb48d9e8351750646223a61d5868a0eda7972e2ea278c69677577300810b0ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZHKH536A56RACS
age
18674
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oVoYp7SmPXx90DPTTKcYLd94o44lpFLshTCQZDuZ/jTATOpxTcuFK2dX6chKyxdG+uH4/WmRY8M=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"8116b094c9ac56f0fa0e152d4e72373b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsYOe79%2F0JWZRUU%2BDL2KRQ3lZEG4myugtb%2BSCjDaIeSA6lZ72xoxbevOR%2Fz865zdTuo2tq5ODXb5eh93AckLJnSxiNJQHqxe2yaZ4X7Si0ea6tPM3Dr223wZUrlTnJ6nOWu%2BWa3h2jA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaadb372f-FRA
7161.70dda01ad3bd7b1f43f4.js
static.fundraiseup.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7161.70dda01ad3bd7b1f43f4.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b1dccb5a273ea2fadd2437f76d7e4b897e7c5f461f52c0b72cc7e74db13cca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZPNEXWEAW1T5ME
age
18584
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GLR7ICRlZN1+EuR7oBwdrUOAjrpGxxduf6dcDu2X9pYQVuOipRR2wk8gzhPwJseQco1/FzIc450=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"6a9110bcfcb930b2a0f06f9f8de67d69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kxm94cXyYpXCQQehi1FLTxGA8ZQUNBB%2BanWf%2FsvtHXwESI6qaxB83uzQDLSDxyAJvDPWE2YJRvVVbBdlRRIvTC8DKPOnkSpG8HRTsYUPWJOLBx%2BXUiaG%2Fer1V2MagviSjIdbl9vBR3o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaade372f-FRA
4172.550614b50a20ec5505f8.js
static.fundraiseup.com/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4172.550614b50a20ec5505f8.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67babd89dd5d6e783cbe7ba05cb7d77c2c3ab7bb0b3ba87b185b391a21e8cc35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CE77QSKEBPBFQRP7
age
1941094
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Kg+Eo16+QoH8So4HU2RkmZamhyEVrK5wSRKI95zC6g0w0S4fFHtZznP/31prxfIlrxO1DwplhDk=
last-modified
Fri, 08 Sep 2023 11:49:58 GMT
server
cloudflare
etag
W/"82362aa73fa0a4d64a1c55b1d259397a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qc3q8IT0vYMCWCooyV2fzY7bmPogERUj4rvTV2C9ed6cKs9GKbyMDLjrtTCiecGbpMs2KVedGRJbqSq0lrvLLIFeOqo%2BV5IcjjaSue%2BlgnPtGJkkGyhS6z1jjM%2Fs%2FNbP5iXcxABKYVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaae0372f-FRA
7912.0af9043c4cad1d41b53d.js
static.fundraiseup.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7912.0af9043c4cad1d41b53d.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25c3a3c0aecc1c3cdb989b17c48a9a75970beb6343e0df0c2651ba5eb75c900a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H1ZF889G6WQ2F5TR
age
1316284
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9gUuMN3cEPhciPDfPGDBXc0XST5/Eyymz5kErZZN17xeJmYtiRxOBLVbk3eATOnPah/fjnQwdXY=
last-modified
Mon, 18 Dec 2023 08:18:02 GMT
server
cloudflare
etag
W/"3aad49c653ac761d3b0dc37c051585c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBfXj7KsgUqIHTPdiQGY6%2F7HK5hIhMHL%2B0yPSiRH0M%2FJQu%2BunGY08Mk9qMRC3PepS7U0JUmAPVOz6kEL9UOZM5VDf3OH%2Fm7N%2FnbqoVf8XshXUMH3GNJDzejzox7marjZtnUcInQ3mks%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaae4372f-FRA
2604.70a67a9325a0b895a893.js
static.fundraiseup.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2604.70a67a9325a0b895a893.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7e24515a6e8e17332b556ae1a433f0b6e00cdaea90167be98c2734b0049a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YNCNBSNKYAZDKDQJ
age
18584
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
u4VwLpIHjQnTNnS7BOaFTguRLwpjhW9+fCvDyugXG8SYJQz/PvGU204l/4vksSr+eU81GppgdxI=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"52a2cc1ece90544227187f23af6c444d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AE%2BrFO61I1UfDZ63mR0CHtrM4MQT0eE7mzX9vLmZHvtOh%2Fu0cf061OomumAV9aq39U%2FHpDONcXGIuvyziWqofRJulDIxkQ0RjJSN63x1Zr1VUMHrxZMi8d1hNKgD%2B4RSvkvCXQ0HHfU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaae7372f-FRA
8242.b02aaf21dfdea45ccdeb.js
static.fundraiseup.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8242.b02aaf21dfdea45ccdeb.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f7997ff37aac676d939dbdb0d33f6381fc5b66de4e4c79240e6e9503b14c15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HYBH0AE9WPN4MEZV
age
971005
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wF5+7h/87SrEbp2uxjF0zb8LcL2b8y3jEAXBGtxQzgF0fIoedcwomkGhqGU1nYz3PuqzJqepVgY=
last-modified
Fri, 22 Dec 2023 08:14:31 GMT
server
cloudflare
etag
W/"4b19319add63bf353f59c262e18d678c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQhAJ7VgqqMXjdl5LPrLD2TNOYkDnGvPlILVSLHv4RBmlVnv1cEy0s2TE2XFi9NtA8P099JElDUP0s9dfZvDG%2FNI8wYV2MshRj89HDnt%2BRH7LTe%2FeH87hYkYUtoY1HhZ%2Bc0sTP5JPTI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaae9372f-FRA
1307.079eb3e246fe1582b593.js
static.fundraiseup.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1307.079eb3e246fe1582b593.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642c3f67dbc0d646b7d2508b081e0a6040a7be94478f0cd6d2a6de21f5d11ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZKQ1PWB1M47CH7
age
18584
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
apdObnbd2aDx7v6jeChUIzpnhtdsbSI782ncRqVTlhjItLwFqP9Lk3/geXE23YLoeXo2gTzMejg=
last-modified
Tue, 02 Jan 2024 08:46:51 GMT
server
cloudflare
etag
W/"7b1aa6725ce10e652729c8ca76f3ed5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9G2KYHTk1HFyLFpO4w691mCougRaaQ6m8OHDMxC0rMeZxoz8pTg0iNLjdWAzjZOH%2BjRgWTQm17If2466pNRpZbT%2Blk3mNequQw65wzzOiz3vhkuQ1%2BW77eiv3SGtd%2FrLRSsyLAm%2BCEE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaaeb372f-FRA
5294.9d66a191975ea80fb12f.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/5294.9d66a191975ea80fb12f.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a06c60d0bdaeba9a685c6b98ec4108e8358606ae608bc2866b3873ba36e8be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZSR0ZBMBMRZTZE
age
18584
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oKSCrx62k8fu9DVddiAe+KeO1YPBzM4Xq6aLRaDZY2ndINgVhnXM9dzEAsdZkx5im+9J6QxjUao=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"8cbeb2d49dcd2a8be5a4eecf9cb7596b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAt8lKOaGVgHgBQ6YgChdEcxE1%2Fl4KUrdXHTHrR7uJP8LluLtm8k5C5WSaf%2FrjH86Jh%2F7xWyeVCMZU8yirub8XAlvAsW8wHMNvaYSKwsgbvR5ohIydhjYrlTCoHO3D1tig3BLgae0DI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaaec372f-FRA
3074.d9147f791079b87eabcc.js
static.fundraiseup.com/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3074.d9147f791079b87eabcc.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
377a6ada8b0adaf4e37c51a736bda1e6a66e2339322ce58193e81d5909ee2fb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8TG37C2X6EWCCY
age
18584
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6bMCa6lyErEqFrJxPCzEOKfVfuJVbmStAWgTgCqGelW1NCISZF+zkQzWoxfvKImTH3IAAjWzxIA=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"147314f2adff1871b831c3e893d26e47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFIf%2FywdRlTOKlKR7BYvCCgzHeAj2NEck9%2BycAspWU8cmULpfqMdqzk8NYNBTfy7kOSI%2Fe1AUdkDy5Vqc%2BPsOUQbJc%2Ft%2Fw%2BvF8gKKosUxR4bUWXE7jhnSM23G%2F23PwfDSxgYTWnPm4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaaef372f-FRA
9101.4c00b74aed875aa4a330.js
static.fundraiseup.com/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9101.4c00b74aed875aa4a330.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b65fdc6da2826c107418e5c689078ff47b54e7f2fc690546c33dbd3b343125
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8SF70XV7VFBQZG
age
18584
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kI1xlkgxSAPhlIEg7MIRY87N7q5//6f5BH/h2rLndvN0C3GaSZIBe687+vH9A228rAD0GC3g8rU=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"c13ccac03382eb3bdadeaae6fb057063"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuXUHLyNtRo104QZSxzecY1osL%2BrSc0LlyNecnd5Oj7r%2FsaaPfdSmdRg4zfAura0FUmOuzzxDg7OswU%2By30E08fQ3JHfA9YWyi61NrlLKq82jp%2BjEhuZotFXM6rILweM4hG249DBZew%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaaf1372f-FRA
4531.eadbe0b8b04e9dfe84db.js
static.fundraiseup.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4531.eadbe0b8b04e9dfe84db.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b596c15fc92d124e18473ffa1d9529ea88cf1918efa33f00447fee4113a68338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
D2YYP10PZE500SWC
age
1743745
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
E9+QUIfEP+IrmYuls+++N+MpCX1uzWUmTYeDXm3kuGHVRVChK4eyiU/PrcJpJQS47s3Q5zYXbwM=
last-modified
Wed, 13 Dec 2023 09:34:50 GMT
server
cloudflare
etag
W/"2f5a99aa534d43a5d5741f02d107888c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ig8ug4Ln6bIKsnNaubKCAVuHBaupTCZ8SgH9Tf3X1ekSVT7TOlFGl2ig5iBbvYbQnm4PWZr7M9oGl%2FT%2FtkogHD%2BDSbc3C46Pg8fTBSpJh5F2LjOvZcK8Cp4bgc7H33XIwCr743CUcv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaaf3372f-FRA
6658.dc2fd4177fa973c9ceb2.js
static.fundraiseup.com/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/6658.dc2fd4177fa973c9ceb2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf7bc0004aeb0dc1b7bb23f128ac24f0302a776cd1950295bc6ffae6e990bf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HWFEVNRH1GBH7S68
age
1743745
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/bItRw+zuqyEANDZ1efMkCrK+fBtIuyXFIuQVsSzjKgLvIk2ABZ68z8m+2ygl66oYpKyo4g0oh0=
last-modified
Wed, 13 Dec 2023 09:34:52 GMT
server
cloudflare
etag
W/"179e147646e0cd73902eb5b2db332b0f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTZKsJukpldmOzzyrd4B85FZYlf2TV2feQ7x%2FZaojnV2P9pjqDGvVrbTkcBlnqpdjCJl3h9yZVyfmmdoy7jGw2ST76pPthuVzrh9uK0%2FWJfciF%2FZWmdv%2FpcLEW9eSsxZ0FEqwQPSUyY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaaf4372f-FRA
3646.260d4a1075292b4adf02.js
static.fundraiseup.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3646.260d4a1075292b4adf02.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb83ac4c1a72227dd5036318370e6523f7a06d0e9f791efb6f6fe34b22621ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5AN74CW8D14TXXNW
age
446090
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
7ErrOjCACpgTTQJpsg8Tp9BsmzC4SOh0FJ2i8KWPkTJfUw4w3HaF3+xYrWSnz+zxc42gZuDe7A0=
last-modified
Thu, 28 Dec 2023 09:56:31 GMT
server
cloudflare
etag
W/"2411304c845454ffdbcb9e14e0698788"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DKnwZMTEc84XYB9V1JBcsNlWDQ4anwDm3zGdBUNFiMaDjjpifolkvv1ZphzA9RIIAvFop3FulPCEvQoGC9uRORBtKHC50esz5I0Y3Phx%2BAeYUuf%2BWTkqeSVLKpSN2%2BLH%2FVAuSF2xv8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaaf6372f-FRA
3105.d6e00ff8e93a442df385.js
static.fundraiseup.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3105.d6e00ff8e93a442df385.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc4700b8677a899840ce32bc6c1b5d5405e5d7f2e14a338ed95e4fe40a2bb96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZS8TCXK4EM0VR5
age
18584
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
X7y8sHgwVF2zNwDBr84dD8tctTNiBmZu2w8ST3H3EuyV8LLMJOB/8bNcq0Uw8XBDYvgGrzWMbpw=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"36ea0ba3a6b621751333520ee8fd1f70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHcXoGbGLAzDqhKgW7AuR%2Bw7yNX6GjlbdmXLZ6OMGCEgFtM2DdiT3IiF584ZffWVL8GXMQJkPBuL7AADSNf3LzvLe7Q3A7RNo85Kzm4nhsRJtbBlbj0fdNgsycA1goNPAJdqQhldCYA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaaf8372f-FRA
3092.789e5f7657c128376286.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3092.789e5f7657c128376286.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50d15896eb602b52225697467a0e13195cddd10423d86ccafc7598f8a6a6111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8KP55HC4N9XTZK
age
18584
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
gb62nSkF8+A8PY8FiSvtl8X04DJ+vfX8nufElQnInQJ35tTK6JmyY/fq2X93Iuyv9wQLWRphSjU=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"d94f94636a66837a35470b946952786c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUGm5I3V3GiAnq%2Bhr0zcak34LW1kRw8aaC6%2F%2BgAapzlSLgy6QmOPXRrS0Vkkqsl%2Bqs5%2BlTZW21pvi82uLtCMiRTCg9IgRiuwM6HJykQoXcOCwgzfJgLQkY8lSHzItRTudRUKNaAU2RI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaafa372f-FRA
9927.0b1e038f382f072de5e9.js
static.fundraiseup.com/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9927.0b1e038f382f072de5e9.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e6f18090a8c3b811e5d7d50a1cd9e83272f1ecbea95624373950070500a90d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8V821DVXWACE22
age
18584
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
NhX6gGbK4E2JQERJ1jxpTHl0HIjsPU3AWHAfgtHxUbkUAtKTEBrUI598j5Bof8POjSIyJw4D2Ec=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"3a9bfdc394ebc7d6ad30abca79e6f251"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CY6IJ%2F54Wm7OuPeMOiRoR9mg8cOFL4auiDeFBU%2BEIPBZDTzWU8y7T%2BC0mZ91NqiSUw6EnvId48J5TZziWmtqiEodmzgbwbIWXqPkNls0wZ4AnfLgMCD5kMMlt2UWqbo6Z5bwNTVqx8w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaafb372f-FRA
7730.aaad688a89216a2cc75a.js
static.fundraiseup.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7730.aaad688a89216a2cc75a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276867c5c3ce0b2f35e900e8e9c73fa7dc25a53802bb365f2d20642fd253f79c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZZZF4QVQ4JVYH1
age
18584
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
bt1d8Zq3dCJRXgfkTTY0R29ev18z59CiVhv/eFVlOZsxroI6i+XI/EMc8rsQtlQRv4iVpF7NU9w=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"641661c170adba24f7e5f887e0ee88bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Tt4VnAUntbhgSvA4riih8k%2BYUM9ji5IDGzaWC2rDUdyazRmCSFyjzywWsTy6FnF%2FQTisAUYJVV8qGG8QyJjbAJ3lv%2F4P2YSFgHnl10snYS4uPC3GVHcdHRBpYry8KFVhJ2Qtk3Eq%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaafc372f-FRA
8598.d58b9cdb2bccb5cd9149.js
static.fundraiseup.com/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8598.d58b9cdb2bccb5cd9149.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46de8ce43bbbc4282b65b9805f4f7c462f812ce23b615379b468beb09a989a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZNFA0GW2GF59CY
age
18673
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/NUB8dpLt9Z1mgaitjFsV1wCPuuDKoZjMssNia5vBvHn8EXAreKTi7uu4Sw5r6mgIHFmTMOdkbI=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"854d674b89e3d93f020393ce69f5a7fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sUOF2KzoHTbBxxaGNnLlEOxF752W8rsqDusJvMMDiVO5S5B8sk8vY5WoQtKqhlip%2Bd2eBD0tza7UltE%2FlQuEED2ETdqDOCNMPHiVcKBSa1c97X0N%2FyBdOktiz%2Byz1cBkxaCY4f%2FP7U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaafd372f-FRA
3313.8bb649db75fb9f932d94.js
static.fundraiseup.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3313.8bb649db75fb9f932d94.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b21363e68e52f1ba52f2f292a183e39f00372c248ecfaf0c5c1fa671ff46a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZP580FP8A5VGYS
age
18583
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SwHkrO2XE1mo2O3oRXqaHmPAISGL5w3vzWqAqYxJPFXKfzGU9dlhsyzzaYHVBcKXRni1R9LtA8Q=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"85d22b265ca08373504a09621adb500c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvaSfSU0Ssp22WQJccwKeYMAP7w96O5oeVs3jnfLRMI%2BPYSDVX1Tc7Hfi%2F3BCQWFVdbByaRkGtZ2DWZNULnkUO%2Ba8EkPYpxyCD7NSNuFLBOpjSVnnlwBqBH2AAVbkEtK5XJs5Gx6Jeo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbaafe372f-FRA
617.b191c125d86fae215d94.js
static.fundraiseup.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/617.b191c125d86fae215d94.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3a41aaf9de8dcdbb1aa7c552942868390ff131f4ae48acd79df9d5a7ff996f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
GDXVS6AZSMBX1RMF
age
1654662
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8IYmc517lx+JwZOVQGVN0I2hjPfFaUX7gjoFpzbEoWrPhil7qHMMb4lzyfna/00D92E+o8EFUgM=
last-modified
Thu, 14 Dec 2023 10:21:52 GMT
server
cloudflare
etag
W/"9d235534a9b590256d5f9f919849f1c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MriZFnd1GBWrQHN2mD%2BsGsZt%2BVIUTyWRTHMDC1C2RnBj11uk4aicguv86Rp4%2FsJ1SvflCcgd01kF9qGZRUuwCP3qm2j0xVNllEZoIWA8MWLeIgkhBP09Q1F4DAiOqyVbjvccoKvVfCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbab00372f-FRA
3755.885174add6f9f35ea1cc.js
static.fundraiseup.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3755.885174add6f9f35ea1cc.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32c2ce3fc3f9f303fb23219d570a67d0c55951c3f6c81b25e440ba6fb68e60d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZVMRG6TSSH1ARQ
age
18583
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ns4UfLOn762abyqPk/JISKBL7pRsAUs7wu4bnOHhOo9hC2JHVjDeRtVh7rTo9UrtgJm5l7ThkCk=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"6332e5261fb5e132c86e8e991694cf7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrCxs%2B%2FOdbN9XD2q%2BPewTv45NG6n7WbCkRm11ibexD7%2Bh6aMuEDwxI5meW48LRvP942fJxBF9stvP4%2Fv9DIzv6PxHlYB57HCxdnhi8Dog1RRnPtDYSwdjPyF3%2FouIf6X8zglYdoKNs4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ddbab01372f-FRA
/
ucarecdn.com/36e1897c-937c-4cc1-9c7d-220d75cd62d0/-/resize/x50/-/format/auto/ Frame F10A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ucarecdn.com/36e1897c-937c-4cc1-9c7d-220d75cd62d0/-/resize/x50/-/format/auto/
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
47a019a4a25f09f59e801a8b3d77f63a3a975a4c763f8430defa7987e14d7d64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
x-image-width
50
server
Uploadcare
etag
"5f0f074f24722ebb2e429bbb349da7d7"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31494869
content-disposition
inline
x-image-height
50
content-length
1937
pptm.js
www.paypal.com/tagmanager/ Frame F10A 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.marchofdimes.org&t=xo&v=5.0.416&source=payments_sdk&mrid=QC6F4C27ZTBFE&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&disableSetCookie=true&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b17a420163b181948e21b8a69880c8f8098f369084006bfa920b62194ff3c81
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pCgVJZe6x60Pu5oN1W2d6fUEFCC5C5Ayvc3mcueBMcsm12pQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pCgVJZe6x60Pu5oN1W2d6fUEFCC5C5Ayvc3mcueBMcsm12pQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:15:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
63697
x-cache
HIT, MISS
paypal-debug-id
f5696235c4423
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4778
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230116-FRA, cache-fra-eddf8230116-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f5696235c4423-a4a84418f06c25b8-01
x-timer
S1704204953.929421,VS0,VE11
etag
W/"3673-CDYthXayTPHyhbZkx+ebL7PTxgs"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
2, 0
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 763C 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:09 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2266
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Q47WUsm4v99xG5lMv6T3K3j2_Ly3Dh8Slj_YPjr79fNVrxSJ-y_hbQ==
controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
js.stripe.com/v3/fingerprinted/js/ Frame 763C 		688 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:41:58 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2035
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"5ce54273e9cefa73649bdfcbf46e58d4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
zdntxzokWFNL0hIiTp5YJbPcr4-J8pRv2BwGO6yDf-Sa3gj8WdYvEw==
csp-report
q.stripe.com/ Frame 763C 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953568596
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953567387
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame A912 		930 B
610 B 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
296
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:53 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
285
x-content-type-options
nosniff
x-request-id
6ecdc002-c913-4d5d-a954-74ef1ce4f599
x-served-by
cache-fra-eddf8230101-FRA
x-timer
S1704204953.060314,VS0,VE0
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame F10A 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JRHXQMSM67EY00C2
age
28603
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56460
x-amz-id-2
xA3leN/+qQtWNYTASJrzIxjfOJzV1KTyMNuf10Kgxu65eSQkWM/b3eAX71BopOU9V/fuZz3cO4Q=
last-modified
Wed, 06 Dec 2023 09:28:27 GMT
server
cloudflare
etag
"cc65a7d46bec1bcadfd3a27d571765f5"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCh8HW6e6Ptgwp68tHHVtLQ3RzducKTVmusy3rz8gPTtDd2Y17o3uQSBBgBYYaUPe8WTPMDlrG7AvduZQ4SvyQr3kGjtDag%2FvRy3kPS3Z82ksnzDf8EdkBQaT996tpUGJPZaMssyxtQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39ddbefba30d6-FRA
inner.html
m.stripe.network/ Frame 793C 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
296
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:53 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
285
x-content-type-options
nosniff
x-request-id
3340f86f-c4b2-4e2b-bb64-5f7e4f281436
x-served-by
cache-fra-eddf8230101-FRA
x-timer
S1704204953.060314,VS0,VE0
controller-a8db3be7204dff5e963b6f0fd5121b28.html
js.stripe.com/v3/ Frame FA05 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
15
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:38 GMT
etag
"a8db3be7204dff5e963b6f0fd5121b28"
last-modified
Fri, 22 Dec 2023 21:08:02 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-amz-cf-id
k53hH_BYrL-1fD0sUexfadUS7Jwj-5sv-xNZZykN16SgLNG9QM9a-Q==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
js.stripe.com/v3/ Frame D7FF 		820 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e7e7f216e2add2e5655784665bea48f8efed39c8be96c40782b3f0cf84df6bbf
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1760
cache-control
max-age=31536000
content-length
820
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:47:48 GMT
etag
"5d9a311984498e026b1badc5a52d6bcb"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-amz-cf-id
5erkmO_DyTEGAxUjmt6woWIWvu6mOymN7hLw1kq7TYlgCkz7AbQ3OA==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
logger
www.paypal.com/xoplatform/logger/api/ Frame F10A 		1015 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef2e49c9b4d9553227397b7dfaa8c8f46f197b410cff5942279711cd49c62abf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f1029670f470c
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-eddf8230122-FRA, cache-fra-eddf8230122-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f1029670f470c-7577a1d2d5c0f21d-01
x-timer
S1704204953.394255,VS0,VE171
etag
W/"3f7-lhbn3tmmBeM9Zs/NF62YeR+oTw0"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.marchofdimes.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.marchofdimes.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Tue, 02 Jan 2024 14:15:53 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f1029676b0bc8
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f1029676b0bc8-7b7fa058b6a2ed82-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230122-FRA, cache-fra-eddf8230122-FRA
x-timer
S1704204953.142203,VS0,VE187
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame 305D 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2332
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:37:05 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-amz-cf-id
vHmKTsgpu2vtpzUEguL8YR3gDEXflt5sQO7Kt5aXTsA-aYX09ZpS-w==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame 4521 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2332
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:40:18 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-amz-cf-id
52CyrPcZpYgUGamYUSq_AoTautt0RoLLzkUjXsCmpsnY4Vpq5RiJwQ==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame 158D 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2333
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:40:18 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-amz-cf-id
J-ZVvG6I2hGuG2hZh2KUP3J61Xeg-na-HLKcs3rBzLkYD57W6RqNYQ==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
js.stripe.com/v3/ Frame 75F9 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7a5d1a8956ee3f319edea53bf11ba07988f8c6a0b6204633cee6a41b4b216127
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3305
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:20:48 GMT
etag
"a59168b21e202d878ed59c4fbe9405b6"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-amz-cf-id
ZmwfKDZKNJHhHddRTRPuFYJWww4Vzctv8lC7yCSFT-lqpMtvKXL94w==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
act
analytics.tiktok.com/api/v2/pixel/ 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.110.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-110-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
f67a807.38ac02a5
date
Tue, 02 Jan 2024 14:15:53 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24010214155363D06219B8879CA1A19C-4752B1673974DD5E-00
x-cache
TCP_MISS from a2-16-110-63.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
159,2.16.110.63
server-timing
cdn-cache; desc=MISS, edge; dur=117, origin; dur=50, inner; dur=48
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024010214155363D06219B8879CA1A19C
x-cache-remote
TCP_MISS from a23-48-100-80.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
50,23.48.100.80
x-tt-trace-host
0165e47387a63d2aa752b09d3ce4dcb185914b232de2858eeb228747cd424aabcb78c4d83a32ca4a1687f883d0400579dd992abf92016844d3a0f176f76704b0d0c0a1ffc73413fe75216a47a32f51d90835950fc73ab8ef731a1aaecdc32aa68bd916d9af6fd036938070d60b3e2dc689
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:15:53 GMT
muse.js
www.paypalobjects.com/muse/ Frame F10A 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.marchofdimes.org&t=xo&v=5.0.416&source=payments_sdk&mrid=QC6F4C27ZTBFE&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&disableSetCookie=true&vault=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DA) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
7d1e382a2bb48
dc
ccg11-origin-www-1.paypal.com
content-length
16488
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (ama/48DA)
traceparent
00-00000000000000000007d1e382a2bb48-25405d1f8922f231-01
etag
"64f25363-daa8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 02 Jan 2024 15:15:53 GMT
ts
t.paypal.com/ Frame F10A 		42 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AQC6F4C27ZTBFE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AQC6F4C27ZTBFE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=427565ab-c1a8-42ab-b84a-a768c3a498ca&fltp=analytics&mrid=QC6F4C27ZTBFE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1704204952993&g=-60&completeurl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&ru=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&disableSetCookie=true
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 02 Jan 2024 14:15:53 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
e5355b39fe558
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230108-FRA
pragma
no-cache
correlation-id
e5355b39fe558
traceparent
00-0000000000000000000e5355b39fe558-94a853ae69f541d2-01
x-timer
S1704204953.077095,VS0,VE164
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 14:15:53 GMT
sid
mug.criteo.com/ Frame C3C1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.marchofdimes.org&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=iWxyg3w2Mng5RGxydk9JNk1ES3pqK3JkOUdOL3lsYWVPa0J0QzdReXhrcUdpTDJGSzlWbkQxM2ppY3FrcmNadVpsWDR0TThxeFJxZ1FCbmpoN3Mva2hkUlJpV2VVcXpnbGc5Ym5teGM0QU82UXJMZTRFR2tMbm82cllLdW...
446 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=iWxyg3w2Mng5RGxydk9JNk1ES3pqK3JkOUdOL3lsYWVPa0J0QzdReXhrcUdpTDJGSzlWbkQxM2ppY3FrcmNadVpsWDR0TThxeFJxZ1FCbmpoN3Mva2hkUlJpV2VVcXpnbGc5Ym5teGM0QU82UXJMZTRFR2tMbm82cllLdW1rUUYxckppWkF1ODEwT3I2d1FVckJCOEN3RjNEOFdVY1cyL0RMNllESWlNTEEzUVp1VHRTck1XWjdoNGtiRXFPa0RFdXBLb2g0YUh1amgwQ0lHTHF5bmdUUVYybkhuT2ZHSUVXajZ6R3ZGZFo0YnV4SXN6eTBHQ2xWbFgvMnI2RlZFRDFZemZlVkNRU21nT0Q1ak8rM2g1RTMrSTgvdWxVVFV0ZkxCRkF0L0sremowZldFeU9sRzVkbEd2WCtManpOaGxNcWxqOXw&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3a240243a42eb267f22d7f872b2c0638a3717cdb26ca1b014b151129b17cdb82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1096290
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=iWxyg3w2Mng5RGxydk9JNk1ES3pqK3JkOUdOL3lsYWVPa0J0QzdReXhrcUdpTDJGSzlWbkQxM2ppY3FrcmNadVpsWDR0TThxeFJxZ1FCbmpoN3Mva2hkUlJpV2VVcXpnbGc5Ym5teGM0QU82UXJMZTRFR2tMbm82cllLdW1rUUYxckppWkF1ODEwT3I2d1FVckJCOEN3RjNEOFdVY1cyL0RMNllESWlNTEEzUVp1VHRTck1XWjdoNGtiRXFPa0RFdXBLb2g0YUh1amgwQ0lHTHF5bmdUUVYybkhuT2ZHSUVXajZ6R3ZGZFo0YnV4SXN6eTBHQ2xWbFgvMnI2RlZFRDFZemZlVkNRU21nT0Q1ak8rM2g1RTMrSTgvdWxVVFV0ZkxCRkF0L0sremowZldFeU9sRzVkbEd2WCtManpOaGxNcWxqOXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
298941
content-length
0
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 898E 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:46 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
8
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
1fqaEOP03yPc9FYuMQ_tBrf9-BVo-EgUbX_k-MQKCxPw3JmlkwtEoA==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 898E 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:46 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
8
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
M5ernO4TSihY3Px36YEAO2XAvyorZd7NyGNOsuHdy6MLNN11a1AvSg==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame FA05 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:09 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2267
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
qXnAV4qoetFwqGwbQdI2eG98s6Kce8CBLhUPK70S9x6RJhDId1ka3A==
controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
js.stripe.com/v3/fingerprinted/js/ Frame FA05 		688 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:41:58 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2036
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"5ce54273e9cefa73649bdfcbf46e58d4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
hy4z9N8K52N8eaXg6YLZO6wiejTnQT5FIBgLG4Zbo69_xAgQoD341Q==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame D7FF 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:09 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2267
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Ml4Rr5cmdWdxXSWxTj04qc-6ctw9qEK_M-d_4zZpeAhkqrh-S_knsA==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame D7FF 		404 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:21 GMT
content-encoding
gzip
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2673
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
9wnQz7hkEJp-4gHsUDWV8CFggJ7AOxRLPclmOh8ZsFftwhNeeTEalw==
elements-inner-au-bank-account-34c8ad6a1ca3f37a9e46b5abfb1b8555.js
js.stripe.com/v3/fingerprinted/js/ Frame D7FF 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-au-bank-account-34c8ad6a1ca3f37a9e46b5abfb1b8555.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
2d414e5f00e69a14d9e552014d9f932df7c40b618b2904726170fb689ef8fe87
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:09:14 GMT
content-encoding
gzip
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
468
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"b80aa36d0aa050d116b6c701597397d9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
UoNChRMZLuYiy7n66fqkECqNQRr4py8hqmuRgD7IuWTgw7CQQr0uSw==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame D7FF 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:45:59 GMT
content-encoding
gzip
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1795
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Tue, 19 Dec 2023 21:32:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
6H_RqVq06l39BrP6clojKzZyPQ0_jAlQIREwarJxB5NvPeyuG0cjjw==
elements-inner-au-bank-account-e34451f632d458dc560a07f1f94a5e0a.css
js.stripe.com/v3/fingerprinted/css/ Frame D7FF 		764 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-au-bank-account-e34451f632d458dc560a07f1f94a5e0a.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6ec65ff8562887c03245269b73d1ebb60f6f619d9bad49c6ce2c956e7a0826f4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:59:49 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
1078
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
764
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
etag
"0507b76e911911910d0e35f2024dd5c6"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
O2IiORLctTGaNAX3lLhZRNkMuqkiVP1pDrrhwI_8ebkP2HTTCPP8cQ==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 305D 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:09 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2267
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
cBJEsS6s9oFQ9kgHRkgnhoYNyJCVzknILxzUsCz3aGVu5yDnI3dilA==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 305D 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:32:59 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2673
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
6yFAyzZj_OdL63kh-7QogSyZRugV3Rj791h2Qx7imcVxfZKs8s3Teg==
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame 305D 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-encoding
gzip
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
50
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Bv7j-tsgXWIZhuUSdRz0YxCcUlua-jOtwlWyerVgGkI-nYSJY1Yxng==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 305D 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:46:48 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1795
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
U5KWBDeWSvDaq3Zaziv65PZk_g2OaQ8LhHSQdjgSUPgGHJCHOdbTZg==
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 305D 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:03 GMT
content-encoding
gzip
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1614
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
etag
W/"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
YtuF3PgaryqsHfCzvXlGqPc3cOqybEnvI8bPHZp6HvGeQwcCSm5ctQ==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 4521 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:09 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2267
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ktVNcoi_0Clx8FkqY96QiJSHKQjmGUinHZhzaEu2Qjro0Hf9Y7KwIQ==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 4521 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:32:59 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2673
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
1kYlqyVHFSskkgIC1QlaLn_fel9e0miKPzId6Z6X58Zg-EzI1ctCbQ==
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame 4521 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
50
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
zDPJdSOn4fkDHFMHOlf7H0sZhvbT6484JowneM1DYEbApw-_W7rghQ==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 4521 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:46:48 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1795
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
hyU5PUZuNEajgUeFLkgQ_9a8t4tRA1x9xOCMu2VH5t0zJ7i_hreGXg==
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 4521 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:50:49 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1614
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Cloudfront
etag
W/"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Az8q7BhzKepQZ3buVYqfv-Vv_KEaP5dW-BOoQneMOvK7rnOf7vcZYw==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 75F9 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:09 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2267
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
4Wg1yNsyFBGFvQaW8FtRXkm2IdHNVnip3qXclAyWyQTLPIGWPKDpcg==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 75F9 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:32:59 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2673
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
tAxTRBpe54Mydp-rURiHpb_bHu0yiIeS-hDszhaKYKsmZR5egEPWQw==
elements-inner-iban-4ac6a58186cbdc786747a784d558aba4.js
js.stripe.com/v3/fingerprinted/js/ Frame 75F9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-iban-4ac6a58186cbdc786747a784d558aba4.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f16ade3e5da5d485764a1d4ca2aa3f94f757b785195b04d391de88680adf76ea
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:36:29 GMT
content-encoding
gzip
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2375
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"21b89b442b725a93ba30c1992c145c02"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
nVm7wrXbrOS_QKyv280nGmrsd7taUBpct_ibIAZ3R1VRzDZVSBO0Fw==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 75F9 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:46:48 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1795
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
9EqvHB0M2q8MagYxCHu2Po38u2YGnUoGCeigzf_7fBBxuHHmfC2hxA==
elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css
js.stripe.com/v3/fingerprinted/css/ Frame 75F9 		485 B
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:51 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
10
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
485
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Cloudfront
etag
"f6ff2b5ca153d43c332b4e54c118e3d0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
nyXA9SYx9yYL6Q1TUWPW_PBdVXEcw8nKejOEXENHzMuvctXACR3Nfg==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 158D 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:09 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2267
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Htu_R5gOOLN8fKXtWKLVdc51qHL02ESzCePKaXDkLzgXAaiJe5BMow==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 158D 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:32:59 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2673
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
q3uXQvcsQINxivIo6p4w0HkwmQkkr67kEbTlahZD0ccnWVZ2-9wX8w==
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame 158D 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
50
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
MDwFIK-vhsH64FY37gp0Sm3KVxUTGv9S9HRxT_llZ-wWilJUfdTPiQ==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 158D 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:46:48 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1795
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
G5HKHeLdVgBfSOc9OSznalA0wmLvsBlmUubiPytAVtvGcOTkKLSr6Q==
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 158D 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:50:49 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1614
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Cloudfront
etag
W/"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
v77kAQBwPpIva6cVShhTI-ZG518GF0Vg04-ph9HbsqgormiXCrJRcg==
event
ad.ipredictive.com/d/track/ Frame B987 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&val=&tn=9181224663147&cache_buster=[timestamp]&ps=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.238.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-238-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:53 GMT
Connection
keep-alive
X-CI-RTID
f3a51cdd-5910-40ca-99f8-755adf3732ab
Content-Length
0
p
e.acuityplatform.com/ Frame B987 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.acuityplatform.com/p?pk=9020304230610356278&pg=26254
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.122.94 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
Pixels
px.adentifi.com/ Frame B987 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adentifi.com/Pixels?a_id=3405;uq=491551279;
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.44.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-44-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
ld.js
dynamic.criteo.com/js/ld/ Frame B987 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=81237
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
adservice.google.com/ddm/fls/z/ Frame B987 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 763C 		474 B
863 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:46 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
8
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
v5od07N-2v2MkTlU3836_6sTdSN-gA30XuXh4DxTcyxChdccALYfLQ==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 763C 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:46 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
8
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
bneUQE21mXMdD5VgUS1ZMGXXMxto0XEGQW4saXj6A1ycPxAncMYONw==
csp-report
q.stripe.com/ Frame FA05 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953568329
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953567512
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame D7FF 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953567730
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953567176
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame D7FF 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953569188
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953567654
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 305D 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953568117
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953567254
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 305D 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953568774
x-envoy-upstream-service-time
7
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953567683
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 4521 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953568022
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953567253
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 4521 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953568903
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953567633
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 75F9 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953568044
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953567447
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 75F9 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953567915
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953567517
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 158D 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953568354
x-envoy-upstream-service-time
7
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953567545
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 158D 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953567611
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953567284
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
events.js
tags.srv.stackadapt.com/ Frame B987 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
05a877586481c2150fbbd6e53ec1ce9ffe534635ea5b12dbdb93b7c26848eb74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
bat.js
bat.bing.com/ Frame B987 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:15:52 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C32121945B7F4500BD0CC7D0341EBE4D Ref B: FRAEDGE2019 Ref C: 2024-01-02T14:15:53Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
quant.js
secure.quantserve.com/ Frame B987 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:15:53 GMT
fbevents.js
connect.facebook.net/en_US/ Frame B987 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:15:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
5okiSvmZ1TA7bSg8WFJ2gmoCU+wzO+FfZF5qPvXn8tQdaTb5UM+G5x/D8ijWMKH0T3cWBn9qg0uk7Tacts8zBw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
csp-report
q.stripe.com/ Frame 793C 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953568205
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1704204953567338
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 793C 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:15:53 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
180
x-cache
HIT
content-length
15509
x-request-id
574ce28b-d152-4a89-9337-cd34df79a1a9
x-served-by
cache-fra-eddf8230101-FRA
server
Fastly
x-timer
S1704204953.158324,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
192
csp-report
q.stripe.com/ Frame A912 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953567963
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1704204953567266
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame A912 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:15:53 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
180
x-cache
HIT
content-length
15509
x-request-id
02801be8-878f-428d-a819-94b74fd5d6db
x-served-by
cache-fra-eddf8230101-FRA
server
Fastly
x-timer
S1704204953.158331,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
192
index.html
www.paypalobjects.com/muse/analytics/ Frame D1DF 		55 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B6) /
Resource Hash
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16892
content-type
text/html
date
Tue, 02 Jan 2024 14:15:53 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc"
expires
Tue, 02 Jan 2024 15:15:53 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
0c17123d9a14a
server
ECAcc (ama/48B6)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000000c17123d9a14a-d70a49df8ada56c7-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
b
r.stripe.com/ Frame 898E 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953568762
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953568013
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 898E 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953568487
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953567708
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 898E 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953568601
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204953567921
access-control-allow-credentials
true
content-length
0
saq_pxl
tags.srv.stackadapt.com/ Frame 470B 		116 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=zFWBFWbS14YYtkU1aQYdUw&is_js=true&landing_url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA%3F&t=&tip=NImTIJSQXug4fBYhyrCesyJSpCuY2QO6HlydxEZEDtU&host=https%3A%2F%2F8832015.fls.doubleclick.net&sa_conv_data_css_value=%270-9103c70e-71f1-5f3f-7e71-1c29291091e8%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd99103c70e71f15f3f7e711c29291091e8b2a2d184&sa-user-id-v3=s%253AAQAKIDcrH0qNXvRGAzgVp2QADF1jCnMlwpW-jnTART1sjNhrEHwYBCCYtdCsBjABOgT90vuTQgRdR9L3.UGvEA8HQCfZL9NB%252BIX3YzH550SafOXcH63CVzKivock&sa-user-id-v2=s%253AkQPHDnHxXz9-cRwpKRCR6LKi0YQ.2nKG6%252Bmt03JvthjsUcwTHwn0YTvRPvJnBA116V4jkv0&sa-user-id=s%253A0-9103c70e-71f1-5f3f-7e71-1c29291091e8.l1YWk69ZIvU7k5YTsuLu5luvm3qUAbgc948AhRZuyd0
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://8832015.fls.doubleclick.net
date
Tue, 02 Jan 2024 14:15:53 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
event
widget.us.criteo.com/ Frame 470B
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=33wbF194SG1BUEZGdURwbndsMWRwcHB1Ulh1WGNwU01XT3B4aSUyRnljSm42VUphSEk0RFQ3UWlGZFFab0NjSnhKa2NaOG1DcXVCWlNSYnRjM3VkQVRwTTJ5UHU4TlZsYXB2VEQxQkE0Qjk1b3FNT0NTVlhwYzFRSlJGRzBOcEY1anNQdVhoZTh5Qks2cElXcDNETzFXR2xHbVVvenc4RUlSTFBSMzZTeDRUcmk2NiUyRmt3JTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=1e8aba53-4fd0-4be6-8f4d-b0de0da9b3be&dtycbr=68762
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
837600943c21fa2ba2607395383c67e96318e30b94c32bb0521351d94ac22b62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
12138453
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=33wbF194SG1BUEZGdURwbndsMWRwcHB1Ulh1WGNwU01XT3B4aSUyRnljSm42VUphSEk0RFQ3UWlGZFFab0NjSnhKa2NaOG1DcXVCWlNSYnRjM3VkQVRwTTJ5UHU4TlZsYXB2VEQxQkE0Qjk1b3FNT0NTVlhwYzFRSlJGRzBOcEY1anNQdVhoZTh5Qks2cElXcDNETzFXR2xHbVVvenc4RUlSTFBSMzZTeDRUcmk2NiUyRmt3JTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=1e8aba53-4fd0-4be6-8f4d-b0de0da9b3be&dtycbr=68762
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2870325
timing-allow-origin
*
content-length
0
expires
0
b
r.stripe.com/ Frame 763C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953567948
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204953567678
access-control-allow-credentials
true
content-length
0
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame B987 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2565
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
GqkP2IXpyHiQNvgWUhavA63ME94ED6NGPHMBsQcpMspO5ZDmL3WczA==
.deploy_status_henson.json
js.stripe.com/v3/ Frame FA05 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:46 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
8
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
l6Gm8XPLPEDXfGtmxM64FVwwUQ6kvpE-lShZ9ao4CCFinIcNbUVgag==
.deploy_status_henson.json
js.stripe.com/v3/ Frame FA05 		474 B
863 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:46 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
8
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
38DK1h9_Ek_8jyHgguF-w8J8WZpbc98zBaMHVg3e8iKizs6p8HUm-A==
812396462484872
connect.facebook.net/signals/config/ Frame B987 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/812396462484872?v=2.9.138&r=stable&domain=www.marchofdimes.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:15:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35834
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
kO5v6fijQrXafjjxGWTvvNfWfc5NU8IxUPLR3GfCUmJx8l6ep05N0zqZizK6ufGL2kcyeBStfpWbwOJ2RjumDw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
px.ads.linkedin.com/wa/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 82EB17621C9B459793382D86401ACA98 Ref B: FRAEDGE1112 Ref C: 2024-01-02T14:15:53Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
access-control-allow-origin
https://www.marchofdimes.org
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYN9yLdOC7dh4jl4Hh2Ig==
event
widget.us.criteo.com/ Frame B987
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=33wbF194SG1BUEZGdURwbndsMWRwcHB1Ulh1WGNwU01XT3B4aSUyRnljSm42VUphSEk0RFQ3UWlGZFFab0NjSnhKa2NaOG1DcXVCWlNSYnRjM3VkQVRwTTJ5UHU4TlZsYXB2VEQxQkE0Qjk1b3FNT0NTVlhwYzFRSlJGRzBOcEY1anNQdVhoZTh5Qks2cElXcDNETzFXR2xHbVVvenc4RUlSTFBSMzZTeDRUcmk2NiUyRmt3JTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=6bed1063-911c-43d7-a31d-bee2af3fa17b&dtycbr=83207
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6390d9e5b98e80d8c673c3625bcdb3af96a535ad7e122a7237b52c58c15c7172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
17325626
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=33wbF194SG1BUEZGdURwbndsMWRwcHB1Ulh1WGNwU01XT3B4aSUyRnljSm42VUphSEk0RFQ3UWlGZFFab0NjSnhKa2NaOG1DcXVCWlNSYnRjM3VkQVRwTTJ5UHU4TlZsYXB2VEQxQkE0Qjk1b3FNT0NTVlhwYzFRSlJGRzBOcEY1anNQdVhoZTh5Qks2cElXcDNETzFXR2xHbVVvenc4RUlSTFBSMzZTeDRUcmk2NiUyRmt3JTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=6bed1063-911c-43d7-a31d-bee2af3fa17b&dtycbr=83207
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2903641
timing-allow-origin
*
content-length
0
expires
0
syncframe
gum.criteo.com/ Frame 00BD 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=81237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:53 GMT
server
Kestrel
server-processing-duration-in-ticks
1086967
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
6
m.stripe.com/ Frame 793C 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.252.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-252-180.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f6745aadd2615bf28153084daad04bd0181770b0679ccdfc7ef128972b535ff5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204954167230
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
4
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204954166575
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
25042596.js
bat.bing.com/p/action/ Frame B987 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:15:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DAFF7814679942CFB7A831160166D340 Ref B: FRAEDGE2019 Ref C: 2024-01-02T14:15:53Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame B987 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=07e22c03-2a8d-4bf1-a870-717419e56a8f&sid=6fb99de0a97911ee93fd3fd4528cb3c1&vid=6fb9c090a97911eeb6d57d5c5ccb814a&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.marchofdimes.org%2F&r=&lt=292&evt=pageLoad&ifm=1&sv=1&rn=437750
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:15:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2E0A75D047D54188BAC91CF0CB87E641 Ref B: FRAEDGE2019 Ref C: 2024-01-02T14:15:53Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
noop.js
www.paypalobjects.com/muse/ Frame D1DF 		18 B
211 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7D46) /
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
paypal-debug-id
c95353fd3c613
dc
ccg11-origin-www-1.paypal.com
content-length
18
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
server
ECAcc (daa/7D46)
traceparent
00-0000000000000000000c95353fd3c613-8080024dc7d5d4f6-01
etag
"60271cd0-12"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 02 Jan 2024 14:15:52 GMT
pixels
c1.adform.net/imatch/ Frame 5153 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=746536189417&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6a238ee37768c0cca88e1a160b3cea1b27b61b57c5509c60d4381eb41ed83e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:53 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
a1.seadform.net/serving/cookie/sync/ 		35 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.seadform.net/serving/cookie/sync/?uid=4679540176611712457&stamp=14GnKcjGNMUDvP-67D9Y4w2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
pixel;r=512070489;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPO73pbyvoMDFV_HOwIdDC0K7g%3Bsrc%3D8832015%3Btype%3Drt%...
pixel.quantserve.com/ Frame B987 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=512070489;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPO73pbyvoMDFV_HOwIdDC0K7g%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D9181224663147%3Bauiddc%3D1575397271.1704204952%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA%3F;ref=https%3A%2F%2Fwww.marchofdimes.org%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-1068998617-1704204952553;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204953304;tzo=-60;ogl=;ses=41afa93e-0ca2-4f87-a2d4-7aa1c80d146c;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
www.facebook.com/tr/ Frame B987 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=812396462484872&ev=PageView&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPO73pbyvoMDFV_HOwIdDC0K7g%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D9181224663147%3Bauiddc%3D1575397271.1704204952%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA%3F&rl=https%3A%2F%2Fwww.marchofdimes.org%2F&if=true&ts=1704204953306&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1704204953214&coo=false&rqm=GET
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:15:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953755782
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953755614
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953756466
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204953756219
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953756476
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204953756314
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953756942
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204953756384
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953756765
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204953756493
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953756727
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953756485
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953756760
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953756583
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953756710
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204953756539
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953757313
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953756659
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953757088
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953756799
access-control-allow-credentials
true
content-length
0
6
m.stripe.com/ Frame A912 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.252.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-252-180.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f039983da8b48cf2ad315102774be94a7e79bd4a9f26a751b9971bb74304233c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204954359983
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204954359267
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
ts
t.paypal.com/ Frame F10A 		42 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AQC6F4C27ZTBFE-1&page=muse%3Aoffer%3A%3A%3AQC6F4C27ZTBFE-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=427565ab-c1a8-42ab-b84a-a768c3a498ca&es=visitorInfoFlowStarted&mrid=QC6F4C27ZTBFE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1704204953317&g=-60&completeurl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&disableSetCookie=true
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 02 Jan 2024 14:15:53 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
49d839f744b2f
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230108-FRA
pragma
no-cache
correlation-id
49d839f744b2f
traceparent
00-000000000000000000049d839f744b2f-f1acbfc09cd9bc53-01
x-timer
S1704204953.337881,VS0,VE146
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 14:15:53 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame D7FF 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:46 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
8
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
3dbhDRrdt8Wf_NTQSfeCTiwlONPG6ERJy4FNn-ZhxYA4Vlphe2P4nA==
banks-059715db431d46d5564d03a4d03a508a.json
js.stripe.com/v3/fingerprinted/data/ Frame D7FF 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/banks-059715db431d46d5564d03a4d03a508a.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3eeaf7446956d4f52db0d9d320988723bec23129315a8daedf665bab334d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 13:47:49 GMT
content-encoding
br
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1686
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:04 GMT
server
Cloudfront
etag
W/"059715db431d46d5564d03a4d03a508a"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
IQa2aDazblJdmX1FVF5mpmiUFr0JLal0sR1ayW2oK7DYMu396Ls-aQ==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 305D 		474 B
863 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:46 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
8
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
c13AC2yuhHH-C3rwlEDxFTXfmQi2PgJggy6uh3b3LnjeKUl2AXh10g==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 75F9 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:46 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
8
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
FASWDb8Xb_-GzOf1lusuDFeCnDClSNgVH_zAj_6EP84ONxnlGyUzZg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 4521 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:46 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
8
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
3k2mm41TlwB6QwYwmWpHQajLjoZNhhnJ9uUhf-jny7PA5DqgidH62w==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 158D 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:46 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
8
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
3joB2ZV_BvnOGF86xHz-Ad6apctNeOM7V_c_HJzAZ-K8Qu7LbyowHw==
sid
mug.criteo.com/ Frame 00BD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=2&topUrl=www.marchofdimes.org&bundle=33wbF194SG1BUEZGdURwbndsMWRwcHB1Ulh1WGNwU01XT3B4aSUyRnljS...
  • https://mug.criteo.com/sid?cpp=QFlMQnxLT0t5T2I1TnpyUERMQUhYWWNaUU4xSitEOXEvL2FEdkh6T3BvUFUwd0ExU21RemtCbUc3enYxVStRZXdvUkZTUHoxeitWVzhOSDYySjZXcEduamVXa1kyVXcvcmptU0pUY3Z2WnRoWUZHYUJkMEEvWHQzYkNSeF...
452 B
673 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=QFlMQnxLT0t5T2I1TnpyUERMQUhYWWNaUU4xSitEOXEvL2FEdkh6T3BvUFUwd0ExU21RemtCbUc3enYxVStRZXdvUkZTUHoxeitWVzhOSDYySjZXcEduamVXa1kyVXcvcmptU0pUY3Z2WnRoWUZHYUJkMEEvWHQzYkNSeFIzRGJhVlFUUnNsOUpFRFNvK1YwSnJYaDZWb1d6dnNXU0kzb0EwVGRQekg4MHRnZFUweWtWWFJJTWI5TWowMlp3NWMyK0RFdXlUYm9zYmJyTllCMUhDdmovVGdMRFVBQVB2US9Oblc2VnFXZWdEdXMwZjEyZS9oWktJMjJhTzNvRzlqdmsvdi9LWFJIUFB4WDEweHMwSjV5a0dZTzRJckVzRHRqNU8zSkFucEoxbnZkYUFCNEx4UDBJcUVJT2VWZW1KRlBuQU50OGxEbGZjMHdFWUtLdFNOc2VuZUN2dlE9PXw&cppv=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPO73pbyvoMDFV_HOwIdDC0K7g;src=8832015;type=rt;cat=donforms;ord=9181224663147;auiddc=1575397271.1704204952;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA?
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b4a930b964d41cd26dff933f80902506f978fdf779c8027becc659f21264340a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
12603475
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=QFlMQnxLT0t5T2I1TnpyUERMQUhYWWNaUU4xSitEOXEvL2FEdkh6T3BvUFUwd0ExU21RemtCbUc3enYxVStRZXdvUkZTUHoxeitWVzhOSDYySjZXcEduamVXa1kyVXcvcmptU0pUY3Z2WnRoWUZHYUJkMEEvWHQzYkNSeFIzRGJhVlFUUnNsOUpFRFNvK1YwSnJYaDZWb1d6dnNXU0kzb0EwVGRQekg4MHRnZFUweWtWWFJJTWI5TWowMlp3NWMyK0RFdXlUYm9zYmJyTllCMUhDdmovVGdMRFVBQVB2US9Oblc2VnFXZWdEdXMwZjEyZS9oWktJMjJhTzNvRzlqdmsvdi9LWFJIUFB4WDEweHMwSjV5a0dZTzRJckVzRHRqNU8zSkFucEoxbnZkYUFCNEx4UDBJcUVJT2VWZW1KRlBuQU50OGxEbGZjMHdFWUtLdFNOc2VuZUN2dlE9PXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
320208
content-length
0
expires
0
tb
fndrsp-checkout.net/ 		2 B
267 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPN5XwK8oYmN%2BPhR12aTDql3Jdksiu0Q09pFBb3m7Fs9s%2FtLQwyiOePji8i9A8eqLyYXA7786WhKuNgRH3TUlGWcGcKAiYVSATRwQwLxOjoGnVt99BiyAGSaxjB6yk9a3233tsQ8"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39ddebc522c1e-FRA
alt-svc
h3=":443"; ma=86400
sa.css
tags.srv.stackadapt.com/ Frame B987 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6514b472d22e99c9ff9fd09d7cb73046b276a1fbc114a71b09972897909c42a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ Frame B987 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953759075
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204953758881
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953759284
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953759119
access-control-allow-credentials
true
content-length
0
wallet-config
merchant-ui-api.stripe.com/elements/ Frame FA05 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.202.176.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fb9c55f9d97f190529ed2b873c1b9e35e061cf61dfaa1756b42671314d89fe37
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
2472
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953759773
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953759164
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953759406
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953759203
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953759649
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953759452
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953759839
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953759598
access-control-allow-credentials
true
content-length
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 305D 		474 B
863 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:46 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
8
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
6VFf7B5Piuhnt6hMyToraX9oQRf6Taiq18BDcPw5teyyRQy7n_-jAg==
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953760464
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953759701
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953760376
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204953759810
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953760569
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953760202
access-control-allow-credentials
true
content-length
0
plf
c1.adform.net/imatch/ Frame 5153 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plff
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
match
ad.360yield.com/ Frame 5153 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=4679540176611712457&Expiration=1705414553
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.145.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-145-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:53 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
ad.yieldlab.net/ Frame 5153 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=4879&ext_id=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:15:53 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:15:53 GMT
token
token.rubiconproject.com/ Frame 5153 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=5232&puid=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
0c26bf0e0878be6b26493f33577d6373
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tpui
ih.adscale.de/adscale-ih/ Frame 5153 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=4679540176611712457&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.5.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-5-91.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 5153 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=4679540176611712457&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.201 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:52 GMT
transfer-encoding
chunked
content-type
image/gif
user-registering
ads.stickyadstv.com/ Frame 5153 		43 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:15:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1704204953449088-510
sync
x.bidswitch.net/ Frame 5153 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.203.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-203-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 5153
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4679540176611712457&expiration=1705414553
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4679540176611712457&expiration=1705414553&C=1
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=4679540176611712457&expiration=1705414553&C=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDg%2BDmZ0Q3FSPn1jOnsaSlS7v1GYKqtS03yOHMNrYamBOEx7BzZ41Y8GhIjaKa%2ByJ%2BEFwvKtySyLnZnwyyp7tteaI9WHQpG58eNiM9cHdtX07YhLzofKjTeIBSZVQUkqxxTLjE%2Fi5Hf2iw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f39ddfbfc5371b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nj0xnhsjyQ%2FWnZPtJoKGxA5lvv%2BWQCm%2BG%2BanKxBlXiMxaOHdQ3go8jAzQdGRyuMtJLE4Ya4undHnPtJkHR8zrsTQBISCm4hy8Fd9LPyANWdYYWGS2QGK%2B1ylmVWUkyye56Au%2FeXVckzTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=111&external_user_id=4679540176611712457&expiration=1705414553&C=1
cache-control
no-cache
cf-ray
83f39ddf8f2c371b-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
12092831
se.semasio.net/sync/1/ Frame 5153
Redirect Chain
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=4679540176611712457&sInitiator=external
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=4679540176611712457&sInitiator=external
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=4679540176611712457&gdpr=&sInitiator=external
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7319504538843216017&sInitiator=internal&gdpr=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=2469801775646719594&sInitiator=internal&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Mjk3RURFNUEwODJDQzY3MQ&gdpr=
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESECgbh0IvpRYLTigxrwea6mE&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESECgbh0IvpRYLTigxrwea6mE&sInitiator=internal&google_cver=1&gdpr=
0
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESECgbh0IvpRYLTigxrwea6mE&sInitiator=internal&google_cver=1&gdpr=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:16:03 GMT
uip-status
Ok
frontend-id
16
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:16:04 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESECgbh0IvpRYLTigxrwea6mE&sInitiator=internal&google_cver=1&gdpr=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
match
ps.eyeota.net/ Frame 5153 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=4679540176611712457&bid=9gdtmu1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:53 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pixel.gif
load77.exelator.com/ Frame 5153
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4679540176611712457
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=4679540176611712457&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 02 Jan 2024 14:15:53 GMT
x-age-lb
228081
x-amz-request-id
tx000000ae7c4cd40b41717-0065909fa8-5134150-nyc
x-77-cache
HIT
x-accel-date
1703976872
content-length
43
x-77-nzt
A5ySIYs3Nzf/8XoDACUTwjE3Nzexz9PUZlRUwgA
x-accel-expires
@1705012329
x-77-age
228081
x-cache-lb
HIT
last-modified
Sat, 30 Dec 2023 22:32:08 GMT
server
CDN77-Turbo
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray
cf878727e06a8e75991a94654092953b
content-type
image/gif
x-rgw-object-type
Normal
accept-ranges
bytes

Redirect headers

date
Tue, 02 Jan 2024 14:15:57 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
398366.gif
idsync.rlcdn.com/ Frame 5153 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/398366.gif?partner_uid=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4679540176611712457/gdpr=/ Frame 5153 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4679540176611712457/gdpr=/gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.85.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-85-3.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.49
content-length
49
expires
0
29729
tags.bluekai.com/site/ Frame 5153 		62 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29729?id=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 02 Jan 2024 14:15:53 GMT
content-length
62
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame 5153 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 5153
Redirect Chain
  • https://api.adrtx.net/thirdparty/click?p=adfo
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
35 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
HTTP/1.1
Server
52.218.37.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:55 GMT
Last-Modified
Thu, 29 Oct 2015 16:41:57 GMT
Server
AmazonS3
x-amz-request-id
PV337P2Q87VHDM0F
ETag
"c2196de8ba412c60c22ab491af7b1409"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
35
x-amz-id-2
OlTVCjB5zfhdDGPc+gC6k7cyN/qQginn+k6h1BkJHibSOtOYGg3t7bFC9JLTmcv2im+mLc2nYek=

Redirect headers

X-Error-Reason
Missing UserId
Date
Tue, 02 Jan 2024 14:15:53 GMT
Server
akka-http/10.2.10
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
137
/
cm.adsafety.net/ Frame 5153
Redirect Chain
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=4679540176611712457
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12024010214252acea4e840ccb076c&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
  • https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=8a33f43992ea32a22d9c0dbff19d801b&idt_did_status=added&gdpr_consent=&gdpr=0
  • https://tags.adsafety.net/v1/cm?cm_uid=CM12024010214252acea4e840ccb076c&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=8a33f43992ea32a22d9c0dbff19d801b
  • https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMDIxNDI1MmFjZWE0ZTg0MGNjYjA3NmM&gdpr_consent=&gdpr=0
  • https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEJhqK0UFPaWzS5vwmuVV4cE&gdpr_consent=&gdpr=0&google_cver=1
  • https://c1.adform.net/serving/cookie/match?party=28&cid=CM12024010214252acea4e840ccb076c
  • https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4679540176611712457
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
HTTP/1.1
Server
89.163.155.32 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cm50.as.net
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:15:57 GMT
Last-Modified
Tue, 02 Jan 2024 14:15:57 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=4679540176611712457
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usermatch.gif
beacon.krxd.net/ Frame 5153 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.241.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-241-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n011-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:15:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1704204954
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
c1.adform.net/serving/cookie/match/ Frame 5153
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NDY3OTU0MDE3NjYxMTcxMjQ1Nw
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECJKnBBgwfnomzmQfP1lbck&google_cver=1&google_ula=1641347,0
35 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECJKnBBgwfnomzmQfP1lbck&google_cver=1&google_ula=1641347,0
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECJKnBBgwfnomzmQfP1lbck&google_cver=1&google_ula=1641347,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
plf
c1.adform.net/imatch/ Frame 5153 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfm
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
setuid
secure.adnxs.com/ Frame 5153
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
  • https://c1.adform.net/serving/cookie/match?party=3&id=2469801775646719594&redirect=1
  • https://secure.adnxs.com/setuid?entity=91&code=4679540176611712457
43 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=91&code=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
an-x-request-uuid
805a9a68-29fc-404b-834c-fc2030589729
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://secure.adnxs.com/setuid?entity=91&code=4679540176611712457
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 5153 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
pdw-adf.userreport.com/ Frame 5153 		43 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdw-adf.userreport.com/cs
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-72.fra56.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 20:48:11 GMT
Via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
FRA56-C1
Age
62862
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
s3z5HdGJvbDY94Qmke_z1tDKaZyDsvrgilLS77_N5lHiHXlMrWhpDw==
p
a.audrte.com/ Frame 5153
Redirect Chain
  • https://a.audrte.com/a?adform_uid=4679540176611712457
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmRidkVveURDMFJRSnlHSGQyLTNsUzlVQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
HTTP/1.1
Server
54.170.164.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-164-95.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:54 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 02 Jan 2024 14:15:54 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame 5153
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=4679540176611712457&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=4679540176611712457&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=12990568880681314274251826280967779066&noredirect=1
35 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1007&cid=12990568880681314274251826280967779066&noredirect=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

dcs
dcs-prod-irl1-1-v054-0752fc470.edge-irl1.demdex.com 3 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
atKIC69iTZI=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://c1.adform.net/serving/cookie/match?party=1007&cid=12990568880681314274251826280967779066&noredirect=1
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
dmp.adform.net/serving/cookie/match/ Frame 5153
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=4679540176611712457
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=212920604749004718206
35 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=212920604749004718206
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
via
1.1 b6b3214c2f1500227643824508cb5d1c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
AMS58-P4
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=212920604749004718206
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
Yuqdx4ymURI_0NPs-kOruR3--Kg1cLrT6wXBh_PnlftsIphckgMpOQ==
expires
0
/
dmp.adform.net/serving/cookie/match/ Frame 5153
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319504538841184398
35 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319504538841184398
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Location
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319504538841184398
Date
Tue, 02 Jan 2024 14:15:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
33302
tags.bluekai.com/site/ Frame 5153 		62 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33302?id=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 02 Jan 2024 14:15:53 GMT
content-length
62
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame 5153
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=qmgp93LL1RkFyG5
35 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1084&cid=qmgp93LL1RkFyG5
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:15:53 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://c1.adform.net/serving/cookie/match?party=1084&cid=qmgp93LL1RkFyG5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 5153 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
server
Kestrel
content-length
70
content-type
image/gif
image.sbmx
global.ib-ibi.com/ Frame 5153 		0
0
0.gif
id5-sync.com/s/10/ Frame 5153 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/10/0.gif?puid=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
dmp.adform.net/serving/cookie/match/ Frame 5153
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=484760665
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=t0RhjYgxFVrRIzZaQn6YDu
35 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=t0RhjYgxFVrRIzZaQn6YDu
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
via
1.1 google
last-modified
Tue, 02 Jan 2024 14:15:54 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=t0RhjYgxFVrRIzZaQn6YDu
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
um
sync.teads.tv/ Frame 5153 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=119&uid=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:15:54 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:54 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
/
s.ad.smaato.net/c/ Frame 5153 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
cache-control
no-cache, must-revalidate
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
qfOoPW2Us_giIG_XIY-mCa-7UJJGhYyH-r2jgtls8s0ifY-9xFcPpw==
x-cache
Miss from cloudfront
4679540176611712457
match.contentexchange.me/adform/ Frame 5153 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.contentexchange.me/adform/4679540176611712457?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
content-length
0
server
nginx/1.16.1
xuid
eb2.3lift.com/ Frame 5153 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=4679540176611712457&dongle=AD20
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
put
e1.emxdgt.com/ Frame 5153 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d52&uid=4679540176611712457
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.138.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-138-113.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
server
awselb/2.0
plf
c1.adform.net/imatch/ Frame 5153 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfl
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=4679540176611712457&agencyId=9068&advertiserId=2177609&src=tp&rnd=160232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953760582
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204953760293
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 305D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953958711
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204953957870
access-control-allow-credentials
true
content-length
0
graphql
www.paypal.com/targeting/ Frame D1DF 		434 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
448f20382358c1983b60b912fe6bbb071f39a54a1fced1e643450e90244f1fdc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-aiCpmeSK5tirT/QNQc/4SLoptMK8zrz/GKO4bNSOxcrPf1ad' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
disable-set-cookie
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-aiCpmeSK5tirT/QNQc/4SLoptMK8zrz/GKO4bNSOxcrPf1ad' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f785324d47a8e
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230116-FRA, cache-fra-eddf8230116-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f785324d47a8e-5a5db7bab8e1a8a8-01
x-timer
S1704204954.789812,VS0,VE320
etag
W/"1b2-tfG7j4J3bNwB7cP911ivTWiOgdI"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,disable-set-cookie
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,disable-set-cookie
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 02 Jan 2024 14:15:53 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f78532484fcb2
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f78532484fcb2-f47f08cf61ad7722-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-fra-eddf8230122-FRA, cache-fra-eddf8230122-FRA
x-timer
S1704204954.523423,VS0,VE173
saq_pxl
tags.srv.stackadapt.com/ Frame B987 		116 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=zFWBFWbS14YYtkU1aQYdUw&is_js=true&landing_url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA%3F&t=&tip=D7MYJbKs86pMjW5ZVv7TiJrY0LLxqwKDiARUgopQu5I&host=https%3A%2F%2F8832015.fls.doubleclick.net&sa_conv_data_css_value=%270-9103c70e-71f1-5f3f-7e71-1c29291091e8%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd99103c70e71f15f3f7e711c29291091e8b2a2d184&sa-user-id-v3=s%253AAQAKIDcrH0qNXvRGAzgVp2QADF1jCnMlwpW-jnTART1sjNhrEHwYBCCYtdCsBjABOgT90vuTQgRdR9L3.UGvEA8HQCfZL9NB%252BIX3YzH550SafOXcH63CVzKivock&sa-user-id-v2=s%253AkQPHDnHxXz9-cRwpKRCR6LKi0YQ.2nKG6%252Bmt03JvthjsUcwTHwn0YTvRPvJnBA116V4jkv0&sa-user-id=s%253A0-9103c70e-71f1-5f3f-7e71-1c29291091e8.l1YWk69ZIvU7k5YTsuLu5luvm3qUAbgc948AhRZuyd0
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://8832015.fls.doubleclick.net
date
Tue, 02 Jan 2024 14:15:53 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
token
api.fundraiseup.com/paymentSession/1475256470672328150/googlePay/ 		244 B
801 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/paymentSession/1475256470672328150/googlePay/token?merchantOrigin=www.marchofdimes.org
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7c9e0c637802afc6a28d9b2a53ad9f33123f15787be4330c2c4d15dc3035f09
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
content-security-policy
frame-ancestors 'self' fundraiseup.com
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
x-response-time
77ms
pragma
no-cache
server
cloudflare
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHjGPj8EWkRbxX%2FsmBR%2FnbuIZ5UDGT7Xu2Yfez4JuhuCSWbqm5I%2B2ef30FAtAqR0D1TT3L0%2Bwm4vyA1avK7RDg3GAcYjYFmwlI%2FiQALMCCjYMaLkHqcrlvAzZs%2BUt73T0BBHjFM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83f39ddffff9372f-FRA
expires
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 17D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_cm&google_hm=ay0tc1gtUWFOQktqc1p5VGJNTktxcVF0MU5hTjNXdHJqQ...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_gid=CAESEON7zEFyQKqPz8YXJbC-T40&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_gid=CAESEON7zEFyQKqPz8YXJbC-T40&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
953195
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_gid=CAESEON7zEFyQKqPz8YXJbC-T40&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 17D4 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-GttfGKNBKjsZyTbMNKqqQt1NaN1MBoqkDhdanw&expires=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.203.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-203-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 17D4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2469801775646719594
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2469801775646719594
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1356070
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
an-x-request-uuid
531d9392-8c62-4785-ba88-e7fae3a01ecb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2469801775646719594
x-proxy-origin
178.162.209.132; 178.162.209.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 17D4 		57 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-CYwj8qNBKjsZyTbMNKqqQt1NaN00Bbv4yEpC9Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:15:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:15:53 GMT
tap.php
pixel.rubiconproject.com/ Frame 17D4 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-uYWjxqNBKjsZyTbMNKqqQt1NaN0IzoSjovA6FA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f2725c115d816cae2dce6044d9cf3fcf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame 17D4 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-85aa36NBKjsZyTbMNKqqQt1NaN0kaMHtKKM8Vg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.201 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 17D4 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-DQf1OaNBKjsZyTbMNKqqQt1NaN20c-ANJKz-SQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32152
um
criteo-sync.teads.tv/ Frame 17D4 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-eDEAfKNBKjsZyTbMNKqqQt1NaN0IvaB2R2ngKQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:15:53 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 17D4 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-qEYEgqNBKjsZyTbMNKqqQt1NaN0N-avyT6y7Pw&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 17D4 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-gEx8taNBKjsZyTbMNKqqQt1NaN0KiDP0Z-X_MA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
hb.yahoo.net/ Frame 17D4 		56 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-gEx8taNBKjsZyTbMNKqqQt1NaN0KiDP0Z-X_MA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 02 Jan 2024 14:15:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:15:53 GMT
pixel
cm.adform.net/ Frame 17D4 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-aEUKPaNBKjsZyTbMNKqqQt1NaN2CTfUyV1P8Fg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
last-modified
Fri, 28 Jul 2023 10:22:32 GMT
server
nginx
accept-ranges
bytes
etag
"64c396e8-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 17D4 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-DMwyQ6NBKjsZyTbMNKqqQt1NaN2_HYrloAekFg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.112.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-112-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 17D4 		43 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-NRtQnaNBKjsZyTbMNKqqQt1NaN1YO8W96WLGBw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDBa0BElzJiveBNIyuGLCs%2F5eLGgHqC0x2a2c5w1UKXAZKpO26R9LG63LE%2BLp%2BjJYTa7rkJ4gafCX8J8cR1OVk4iSu4WNvmc%2FVVCuPnTiRSht0mPyR0Qt%2BqO6Y6%2FIdU7X8kr"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f39de16ac0371b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
demconf.jpg
dpm.demdex.net/ Frame 17D4
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=qxpoCyNTtcMQMSbh7KoOIyNpatBe0v3a
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=qxpoCyNTtcMQMSbh7KoOIyNpatBe0v3a
42 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=qxpoCyNTtcMQMSbh7KoOIyNpatBe0v3a
Protocol
H2
Server
52.17.48.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-48-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcscanary-prod-irl1-1-v067-0bdddab1a.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
gVTsc84RRu8=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-038fdd4b2.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
ZhPQqOFcTvY=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=qxpoCyNTtcMQMSbh7KoOIyNpatBe0v3a
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 17D4 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-gUXmSqNBKjsZyTbMNKqqQt1NaN19e9ysWu-WMg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 17D4 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jlk9oaNBKjsZyTbMNKqqQt1NaN1D8Hxjz06Rvg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.145.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-145-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:53 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 17D4 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-QDgGmqNBKjsZyTbMNKqqQt1NaN2ZvJZvbGjUzA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 17D4 		0
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-45HbB6NBKjsZyTbMNKqqQt1NaN2PEI2B-gWnDg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.116.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-116-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame 17D4 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-4qu9_qNBKjsZyTbMNKqqQt1NaN19dGGYTFB8gA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.111.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-111-121.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:54 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 17D4 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-wtwZ5aNBKjsZyTbMNKqqQt1NaN0DYyP9IMCJGQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:54 GMT
Cache-Control
no-cache
X-TraceId
1466dfc8110bc3bffaa20bb66fd77f83
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 17D4 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Wnv1iKNBKjsZyTbMNKqqQt1NaN0576K-_grLLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame 17D4 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-95HqU6NBKjsZyTbMNKqqQt1NaN1x0HCcMTGg1g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.199.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-199-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
sync
criteo-partners.tremorhub.com/ Frame 17D4 		43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-XG9IAKNBKjsZyTbMNKqqQt1NaN2iet0Topt3Og
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:cf3b:d950:bab4:515a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 02 Jan 2024 14:15:54 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 17D4 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-dYg9sKNBKjsZyTbMNKqqQt1NaN1eOEDiSH9FbQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:54 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 17D4 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-kLso2aNBKjsZyTbMNKqqQt1NaN16IkIMuVpUjQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:15:54 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:15:54 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 17D4 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-A2MjQqNBKjsZyTbMNKqqQt1NaN348jwk6pQv7g&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.216.105.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-216-105-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame D53B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_cm&google_hm=ay0tc1gtUWFOQktqc1p5VGJNTktxcVF0MU5hTjNXdHJqQ...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_gid=CAESEON7zEFyQKqPz8YXJbC-T40&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_gid=CAESEON7zEFyQKqPz8YXJbC-T40&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
855095
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--sX-QaNBKjsZyTbMNKqqQt1NaN3WtrjBxrGUjg&google_gid=CAESEON7zEFyQKqPz8YXJbC-T40&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame D53B 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-GttfGKNBKjsZyTbMNKqqQt1NaN1MBoqkDhdanw&expires=30
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.203.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-203-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame D53B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2469801775646719594
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2469801775646719594
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
879190
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
an-x-request-uuid
eecc111b-e7a2-43da-8c62-51acc94775ed
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2469801775646719594
x-proxy-origin
178.162.209.132; 178.162.209.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame D53B 		57 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-CYwj8qNBKjsZyTbMNKqqQt1NaN00Bbv4yEpC9Q
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:15:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:15:53 GMT
tap.php
pixel.rubiconproject.com/ Frame D53B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-uYWjxqNBKjsZyTbMNKqqQt1NaN0IzoSjovA6FA&expires=30
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame D53B 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-85aa36NBKjsZyTbMNKqqQt1NaN0kaMHtKKM8Vg
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.201 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D53B 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-DQf1OaNBKjsZyTbMNKqqQt1NaN20c-ANJKz-SQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32152
um
criteo-sync.teads.tv/ Frame D53B 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-eDEAfKNBKjsZyTbMNKqqQt1NaN0IvaB2R2ngKQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:15:53 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame D53B 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-qEYEgqNBKjsZyTbMNKqqQt1NaN0N-avyT6y7Pw&dongle=013b
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame D53B 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-gEx8taNBKjsZyTbMNKqqQt1NaN0KiDP0Z-X_MA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
hb.yahoo.net/ Frame D53B 		56 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-gEx8taNBKjsZyTbMNKqqQt1NaN0KiDP0Z-X_MA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 02 Jan 2024 14:15:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:15:53 GMT
pixel
cm.adform.net/ Frame D53B 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-aEUKPaNBKjsZyTbMNKqqQt1NaN2CTfUyV1P8Fg
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
last-modified
Fri, 28 Jul 2023 10:22:32 GMT
server
nginx
accept-ranges
bytes
etag
"64c396e8-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame D53B 		49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-DMwyQ6NBKjsZyTbMNKqqQt1NaN2_HYrloAekFg
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.112.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-112-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame D53B 		43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-NRtQnaNBKjsZyTbMNKqqQt1NaN1YO8W96WLGBw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRm7Qgj6SlSZHK%2FRgdepit1lSbQ5TLGTofsBdcn2RbXKQQEj9AMjSMgbTFwKM8y55j0pnKl8k6LHOPqLv%2FdPyYofNxisIV4r0xsI6mvmLFyuzVc2dql86wzdOlLxo3%2B4F9ja"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f39de15abc371b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
demconf.jpg
dpm.demdex.net/ Frame D53B
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=DoXUpxnog3QlX1lnDQQbbX2fpbj8dOlR
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=DoXUpxnog3QlX1lnDQQbbX2fpbj8dOlR
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=DoXUpxnog3QlX1lnDQQbbX2fpbj8dOlR
Protocol
H2
Server
52.17.48.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-48-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-06695c737.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
nDLy3SjcQRM=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-0de6d1965.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
eakOpZQwTq0=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=DoXUpxnog3QlX1lnDQQbbX2fpbj8dOlR
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame D53B 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-gUXmSqNBKjsZyTbMNKqqQt1NaN19e9ysWu-WMg
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame D53B 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jlk9oaNBKjsZyTbMNKqqQt1NaN1D8Hxjz06Rvg
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.211.145.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-145-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:53 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame D53B 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-QDgGmqNBKjsZyTbMNKqqQt1NaN2ZvJZvbGjUzA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame D53B 		0
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-45HbB6NBKjsZyTbMNKqqQt1NaN2PEI2B-gWnDg
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.116.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-116-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame D53B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-4qu9_qNBKjsZyTbMNKqqQt1NaN19dGGYTFB8gA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.111.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-111-121.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:54 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame D53B 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-wtwZ5aNBKjsZyTbMNKqqQt1NaN0DYyP9IMCJGQ&initiator=partner
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:54 GMT
Cache-Control
no-cache
X-TraceId
c38352fb2be887d8762e1a21ae9fea52
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame D53B 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Wnv1iKNBKjsZyTbMNKqqQt1NaN0576K-_grLLQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:52 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame D53B 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-95HqU6NBKjsZyTbMNKqqQt1NaN1x0HCcMTGg1g
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.199.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-199-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
sync
criteo-partners.tremorhub.com/ Frame D53B 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-XG9IAKNBKjsZyTbMNKqqQt1NaN2iet0Topt3Og
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:cf3b:d950:bab4:515a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 02 Jan 2024 14:15:54 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame D53B 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-dYg9sKNBKjsZyTbMNKqqQt1NaN1eOEDiSH9FbQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:54 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame D53B 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-kLso2aNBKjsZyTbMNKqqQt1NaN16IkIMuVpUjQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:15:54 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:15:54 GMT
put
e1.emxdgt.com/ Frame D53B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-LBwDYqNBKjsZyTbMNKqqQt1NaN3k9Z0u6FVV2A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.138.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-138-113.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
server
awselb/2.0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953958124
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204953957828
access-control-allow-credentials
true
content-length
0
hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
js.stripe.com/v3/ Frame 6F94 		70 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
19
cache-control
max-age=60
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self'; style-src 'self'; worker-src https://newassets.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:35 GMT
etag
W/"078b5f9fb44d244a9ec072f93a216630"
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-amz-cf-id
lz9cyyErBMpsQvs1VQnvrls-rdU5DuwndWP6KLdkocZ9LBTM_7wEsg==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953958171
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204953957868
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:53 GMT
x-stripe-server-envoy-start-time-us
1704204953958722
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204953958110
access-control-allow-credentials
true
content-length
0
setuid
ib.adnxs.com/ Frame 17D4 		43 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-Z0Doh6NBKjsZyTbMNKqqQt1NaN0fHeE4pogdQQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
an-x-request-uuid
75238c94-9c25-4987-885e-ff07bca7a862
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csp-report
q.stripe.com/ Frame 6F94 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953958866
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953958173
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 6F94 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953959025
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953958191
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 6F94 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204953959128
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204953958196
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 6F94 		474 B
863 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:46 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
8
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
ChLVHqidib4PJeFgtK5GqBFOcz_6TZ3Bj3WE957iNa0b966Qc1A8fg==
HCaptchaInvisible.html
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame CB98 		419 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=3299ea95-cc0d-41dc-af04-4832d55bbe1b&origin=https%3A%2F%2Fjs.stripe.com
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=60
content-encoding
br
content-length
283
content-security-policy
base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:54 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-request-id
18165f75-1960-4f4f-a631-e2d7cae7661d
x-served-by
cache-fra-eddf8230101-FRA
x-timer
S1704204954.900285,VS0,VE405
setuid
ib.adnxs.com/ Frame D53B 		43 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-Z0Doh6NBKjsZyTbMNKqqQt1NaN0fHeE4pogdQQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
an-x-request-uuid
15dfe002-57ae-432c-8f9f-a5c5243a7720
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pay.js
pay.google.com/gp/p/js/ 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CG3EadygS8JiKzzqdssEbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-CG3EadygS8JiKzzqdssEbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 02 Jan 2024 14:15:53 GMT
sync
ups.analytics.yahoo.com/ups/58301/ Frame 17D4 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-gEx8taNBKjsZyTbMNKqqQt1NaN0KiDP0Z-X_MA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/58301/ Frame D53B 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-gEx8taNBKjsZyTbMNKqqQt1NaN0KiDP0Z-X_MA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
unip
trc-events.taboola.com/1335104/log/3/ 		0
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1335104/log/3/unip?en=pre_d_eng_tb&tos=1607&scd=0&ssd=1&est=1704204952266&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1704204953873&vi=1704204952264&ri=e8dcbd2bbd24e4206c72b0b82cc25791&sd=v2_daeefea4e3b51dbec9c9aa331f3c6aa2_e1aee152-0055-49e7-96fe-f14524b3fdd5-tuctc8da018_1704204952_1704204952_CIi3jgYQwL5RGMjFn9TMMSABKAEwODib4wlAgooQSMzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAB&ui=e1aee152-0055-49e7-96fe-f14524b3fdd5-tuctc8da018&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0003%2CC0001%2CC0002%2CC0004%2C
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.marchofdimes.org
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
usermatch.gif
beacon.krxd.net/ Frame D53B
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=McEOT7AsxZdU8Y2TRvCSntFCWJ2lbSlU
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=McEOT7AsxZdU8Y2TRvCSntFCWJ2lbSlU
Protocol
H2
Server
34.240.241.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-241-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n021-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:15:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1704204954
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=McEOT7AsxZdU8Y2TRvCSntFCWJ2lbSlU
date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
2190038
content-length
0
usermatch.gif
beacon.krxd.net/ Frame 17D4
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=1bydOYH2AYT4Q2MNWuQ2rOyJkscrLI6t
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=1bydOYH2AYT4Q2MNWuQ2rOyJkscrLI6t
Protocol
H2
Server
34.240.241.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-241-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n024-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:15:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1704204954
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=1bydOYH2AYT4Q2MNWuQ2rOyJkscrLI6t
date
Tue, 02 Jan 2024 14:15:53 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
627430
content-length
0
payframe
pay.google.com/gp/p/ui/ Frame 1394 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f78f9f64b818b626fa9eefea8a76e630c309528f915a1c6f34f1f2651f988762
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-6yIdo71Yw7qfmHeC5xFJXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-6yIdo71Yw7qfmHeC5xFJXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 02 Jan 2024 14:15:54 GMT
expires
Tue, 02 Jan 2024 14:15:54 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
b
r.stripe.com/ Frame 898E 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:54 GMT
x-stripe-server-envoy-start-time-us
1704204954297843
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204954297659
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 898E 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:54 GMT
x-stripe-server-envoy-start-time-us
1704204954298039
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204954297774
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 763C 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:54 GMT
x-stripe-server-envoy-start-time-us
1704204954307988
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204954307792
access-control-allow-credentials
true
content-length
0
6
m.stripe.com/ Frame 793C 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.252.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-252-180.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f6745aadd2615bf28153084daad04bd0181770b0679ccdfc7ef128972b535ff5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204954582790
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204954581857
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame 793C 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.252.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-252-180.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f6745aadd2615bf28153084daad04bd0181770b0679ccdfc7ef128972b535ff5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204954632933
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204954632594
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
api.js
hcaptcha.com/1/ Frame CB98 		326 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=3299ea95-cc0d-41dc-af04-4832d55bbe1b&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age
0
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
etag
W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
cf-ray
83f39de4aeb04d8a-FRA
x-amz-cf-id
ZmMjrjiw8fZywJ91ijNYzvNzU573z4TIGIuQ1VZXpmKii2Wlo2gadA==
vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame CB98 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=3299ea95-cc0d-41dc-af04-4832d55bbe1b&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=3299ea95-cc0d-41dc-af04-4832d55bbe1b&origin=https%3A%2F%2Fjs.stripe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:15:54 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
1109417
x-cache
HIT
content-length
38134
x-request-id
4d5f8feb-4826-41d6-8c7b-5fc2797847b4
x-served-by
cache-fra-eddf8230101-FRA
server
Fastly
x-timer
S1704204954.326672,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
18094
HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame CB98 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=3299ea95-cc0d-41dc-af04-4832d55bbe1b&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=3299ea95-cc0d-41dc-af04-4832d55bbe1b&origin=https%3A%2F%2Fjs.stripe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:15:54 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
1109417
x-cache
HIT
content-length
7160
x-request-id
2d271aa5-9e7c-4ed0-a515-befff60d83d9
x-served-by
cache-fra-eddf8230101-FRA
server
Fastly
x-timer
S1704204954.326427,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17324
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 1394 		159 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:27:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57423
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 13:07:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 17:27:23 GMT
csp-report
q.stripe.com/ Frame CB98 		0
488 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://b.stripecdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204954411622
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1704204954411311
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 1394 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
tb
fndrsp-checkout.net/ 		2 B
490 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiwGjy1f1deJmhvfR172EphrwNpZxxu8QRCPy%2B8X5l0RvdmLiTkQRGFkaKX%2BaW%2Fx1TlwmvCLRxwcDjHmJJ6Y3fdGnWHnBzWveaj9M5W8ckP5MoVFdVaw2LuALUXzYxNaVucR8Pjd"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39de54f998f08-IAD
alt-svc
h3=":443"; ma=86400
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/3b797c3/static/ Frame B711 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=1wm30tmzqgl
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e32333b3ebb79a87cbf33c3610c57fc17ded0f628e6f0ccdabbf2875b070929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://b.stripecdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
918037
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
83f39de50f264d8a-FRA
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:54 GMT
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-amz-cf-id
TDD5IzSa3cpEgYSwJ33ANmxgyu62smW3EDUX0X62a1iaXMRtMgvC8w==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
zqmRvj.5H3xz3glqyfc6p0MpeMIvCHe2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:54 GMT
x-stripe-server-envoy-start-time-us
1704204954493128
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204954492798
access-control-allow-credentials
true
content-length
0
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 1394 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 18:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27264
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 18:01:09 GMT
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/3b797c3/ Frame B711 		326 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=1wm30tmzqgl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=1wm30tmzqgl
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age
918108
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
etag
W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
83f39de53f5a4d8a-FRA
x-amz-cf-id
ZmMjrjiw8fZywJ91ijNYzvNzU573z4TIGIuQ1VZXpmKii2Wlo2gadA==
pay
pay.google.com/gp/p/ui/ Frame 1394 		1 MB
376 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de732a54c2dcc5a603351f3041e584d42f13e898b0df903a6423dbda233ae5f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JUKmucOXbfk2-z5J4QSUSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JUKmucOXbfk2-z5J4QSUSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 02 Jan 2024 14:15:54 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 1394 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 18:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3732
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 18:01:10 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 1394 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 18:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14260
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 18:01:10 GMT
log
play.google.com/ Frame 1394 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:54 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:54 GMT
expires
Tue, 02 Jan 2024 14:15:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1394 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:54 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:54 GMT
expires
Tue, 02 Jan 2024 14:15:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1394 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:54 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:54 GMT
expires
Tue, 02 Jan 2024 14:15:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1394 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:54 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:54 GMT
expires
Tue, 02 Jan 2024 14:15:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1394 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:54 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:54 GMT
expires
Tue, 02 Jan 2024 14:15:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:54 GMT
expires
Tue, 02 Jan 2024 14:15:54 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1394 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:54 GMT
b
r.stripe.com/ Frame 305D 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:54 GMT
x-stripe-server-envoy-start-time-us
1704204954630862
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204954630263
access-control-allow-credentials
true
content-length
0
checksiteconfig
api2.hcaptcha.com/ Frame B711 		719 B
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.hcaptcha.com/checksiteconfig?v=3b797c3&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e143983a25e144062878cdef0046239b3f6866ff9f242786b705b0993bedbbf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
83f39de5f85f4d8a-FRA
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc
h3=":443"; ma=86400
hsw.js
newassets.hcaptcha.com/c/2458d9b/ Frame B711 		499 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/c/2458d9b/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=1wm30tmzqgl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
1JhSB37kavMYpA6c5WxU_Q.zUc_dI7mQ
age
156640
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:59:11 GMT
server
cloudflare
etag
W/"9d671418ff661c7370b4e3530ac92335"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
83f39de63b29924f-FRA
x-amz-cf-id
rWaUtrZ6ppWMIzTwGZtbjnFD9_0TtSvFbF3PVfPIIkda7RWbc0rEWw==
463b917e-e264-403f-ad34-34af0ee10294
api.hcaptcha.com/getcaptcha/ Frame B711 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ad03c437c7bffeaa409713e3fbe17bc683214c796ee523df50002af222f6f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
83f39de7fb104d8a-FRA
alt-svc
h3=":443"; ma=86400
b
r.stripe.com/ Frame FA05 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:56 GMT
x-stripe-server-envoy-start-time-us
1704204956227239
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204956226964
access-control-allow-credentials
true
content-length
0
unip
trc-events.taboola.com/1335104/log/3/ 		0
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1335104/log/3/unip?en=pre_d_eng_tb&tos=4608&scd=0&ssd=1&est=1704204952266&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1704204956874&vi=1704204952264&ri=e8dcbd2bbd24e4206c72b0b82cc25791&sd=v2_daeefea4e3b51dbec9c9aa331f3c6aa2_e1aee152-0055-49e7-96fe-f14524b3fdd5-tuctc8da018_1704204952_1704204952_CIi3jgYQwL5RGMjFn9TMMSABKAEwODib4wlAgooQSMzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAB&ui=e1aee152-0055-49e7-96fe-f14524b3fdd5-tuctc8da018&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0003%2CC0001%2CC0002%2CC0004%2C
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.marchofdimes.org
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724z8894218235&_p=1704204951738&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=978548255.1704204952&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1704204952&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=Fundraise%20Up%20Checkout%20Open&ep.CampaignID=FUNHQNAJCAL&ep.CampaignCode=GGGGENWB2200CG0012G6DNW&ep.CampaignName=Default%20Donate%20Now&ep.IsLivemode=true&_et=524&tfd=9811
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ 		176 B
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:12:15 GMT
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
252
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
176
last-modified
Thu, 21 Dec 2023 18:13:43 GMT
server
Cloudfront
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
CTTfjEVp5VZdnTQ9CTHfRIETIlQzNBo3xWFxTE7r__0DZ7THZloCWQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=4679540176611712457

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| documentPictureInPicture object| __cfQR object| __cfBeacon object| OneTrustStub function| OptanonWrapper function| FundraiseUp object| drupalSettings object| Drupal object| webpackChunkgesso object| Donation5Reminder function| formatCurrency function| format2 function| checkEditCalculationPageExists object| gsapVersions boolean| __cfRLUnblockHandlers object| dataLayer string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| funEmbed object| FUN_SERVICE_CONTAINER object| FUN object| FUN_ELEMENT_KEYS boolean| FUN_IS_MALFORMED_ENV object| webpackChunk_fundraiseup_checkout object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __tfa_pixel_init object| _tfa string| _linkedin_data_partner_id object| _qevents function| obApi function| fbq function| _fbq object| resonateAnalytics number| randomNumber object| scriptTag object| insertionNode string| conversionTag string| TiktokAnalyticsObject object| ttq object| _adftrack object| Optanon object| OneTrust object| funElementsApi function| ttd_dom_ready function| TTDUniversalPixelApi function| quantserve function| __qc object| ezt object| _qoptions function| lintrk boolean| _already_called_lintrk function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| gtag function| UET function| UET_init function| UET_push function| onYouTubeIframeAPIReady object| gaGlobal object| ueto_47f881eb5d object| uetq function| apiObj object| gaplugins object| gaData function| setImmediate function| clearImmediate function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc function| stcc object| GooglebQhCsO object| google_optimize function| AdelphicUniversalPixel object| __SENTRY__ function| __trcWarn object| Adform object| KJUR object| adf function| omrhp object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| webpackChunkStripeJSouter function| noop function| Stripe object| ORIBILI object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant string| dynamicGpayButtonVariant object| google

93 Cookies

Domain/Path Name / Value
.taboola.com/truenorth-marchofdimes-sc/ Name: taboola_session_id
Value: v2_daeefea4e3b51dbec9c9aa331f3c6aa2_e1aee152-0055-49e7-96fe-f14524b3fdd5-tuctc8da018_1704204952_1704204952_CIi3jgYQwL5RGMjFn9TMMSABKAEwODib4wlAgooQSMzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAB
.marchofdimes.org/ Name: fundraiseup_stat
Value:
.marchofdimes.org/ Name: fundraiseup_cid
Value: 17042049519709109939
.marchofdimes.org/ Name: _gcl_au
Value: 1.1.1575397271.1704204952
.www.marchofdimes.org/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Jan+02+2024+15%3A15%3A52+GMT%2B0100+(Central+European+Standard+Time)&version=202309.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=deb04353-df53-4eb7-bd5c-3eea4b508499&interactionCount=0&landingPath=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ8lR-DEBAtEGUYROW8o4FGW-dMbzcH2AfxtbCmbA2L5xG9eQmAEO-gkAyzrQfbCYx7B1jyfaD4znLg_5D66sE9DMpmpl3xzdnusnAsA&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1
.marchofdimes.org/ Name: _uetsid
Value: 6f94f490a97911eeacdaf95a28117918
.marchofdimes.org/ Name: _uetvid
Value: 6f951190a97911eeb3974bd644bffa72
.taboola.com/ Name: t_gid
Value: e1aee152-0055-49e7-96fe-f14524b3fdd5-tuctc8da018
.taboola.com/ Name: t_pt_gid
Value: e1aee152-0055-49e7-96fe-f14524b3fdd5-tuctc8da018
.doubleclick.net/ Name: APC
Value: AfxxVi5GxAROQLQK70zqx6uDqLLu1jrwPGBWz1EW72UfTlUVL5SXgw
.marchofdimes.org/ Name: _ga
Value: GA1.2.978548255.1704204952
.marchofdimes.org/ Name: _gid
Value: GA1.2.346659041.1704204952
.marchofdimes.org/ Name: _gat_UA-219864-60
Value: 1
.bing.com/ Name: MUID
Value: 2E8AAA80A456657B1E13B97AA584641D
.marchofdimes.org/ Name: fundraiseup_func
Value: {%22t%22:%22.marchofdimes.org%22%2C%22s%22:%221704204951971%22%2C%22sp%22:1%2C%22x%22:%2210%22}
.marchofdimes.org/ Name: _fbp
Value: fb.1.1704204952428.863585066
.tiktok.com/ Name: _ttp
Value: 2aP0YFBT3bn1pUgRgfDHM3acWGn
.linkedin.com/ Name: li_sugr
Value: 7fddc378-e87b-49bf-9a25-85365d8935ac
.linkedin.com/ Name: bcookie
Value: "v=2&e393219a-e743-4bcc-8747-fd57a513a7bb"
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3055:u=1:x=1:i=1704204952:t=1704291352:v=2:sig=AQHxBECLx9kqVWEE15AGEMprBi96RhZl"
.quantserve.com/ Name: mc
Value: 65941a98-6ec45-26649-cbac8
.marchofdimes.org/ Name: __qca
Value: P0-1907927646-1704204952261
.adnxs.com/ Name: uuid2
Value: 2469801775646719594
.acuityplatform.com/ Name: auid
Value: 871904406555
.doubleclick.net/ Name: IDE
Value: AHWqTUkRU530vzSwiJCl9aX1Zgges2E6WYTam2tb4NP8KDxlwv-7_fDjl_wW30NvvXA
.bing.com/ Name: MSPTC
Value: UdLzvlQK-hwTihr2XDvg2M-_BoMv5HAZY07hDwWoRG8
.linkedin.com/ Name: UserMatchHistory
Value: AQJxJWiYsJviVQAAAYzKh-QhU3PRqNqtLTA-RqYxYDgDKdgChomSyWgJx8Me5DC5pD4R_7sLFuQk2A
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIFQgUvZSol0QAAAYzKh-QhRi2iQOHsJI1Lhih5RuQshrZUaCcc3Aj_Y_IEFhIzVb8pydf3S-H9hRwLgSNd4Q
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-9103c70e-71f1-5f3f-7e71-1c29291091e8.l1YWk69ZIvU7k5YTsuLu5luvm3qUAbgc948AhRZuyd0
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-9103c70e-71f1-5f3f-7e71-1c29291091e8.l1YWk69ZIvU7k5YTsuLu5luvm3qUAbgc948AhRZuyd0
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AkQPHDnHxXz9-cRwpKRCR6LKi0YQ.2nKG6%2Bmt03JvthjsUcwTHwn0YTvRPvJnBA116V4jkv0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AkQPHDnHxXz9-cRwpKRCR6LKi0YQ.2nKG6%2Bmt03JvthjsUcwTHwn0YTvRPvJnBA116V4jkv0
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDcrH0qNXvRGAzgVp2QADF1jCnMlwpW-jnTART1sjNhrEHwYBCCYtdCsBjABOgT90vuTQgRdR9L3.UGvEA8HQCfZL9NB%2BIX3YzH550SafOXcH63CVzKivock
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDcrH0qNXvRGAzgVp2QADF1jCnMlwpW-jnTART1sjNhrEHwYBCCYtdCsBjABOgT90vuTQgRdR9L3.UGvEA8HQCfZL9NB%2BIX3YzH550SafOXcH63CVzKivock
.marchofdimes.org/ Name: _tt_enable_cookie
Value: 1
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240102141552c2d9a77c-e952-4ee9-841b-298babac5f58AQETx4KzFFv-uNZvQq48DUHWf_lppMgI"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDQyMDQ5NTI7MjswMjGouJ3cvbTG2HSITm8pNrjPf3MPUWDyVeBeUtry9SchGA==
.marchofdimes.org/ Name: _ttp
Value: KID-spnTLOCQ5mbW7yDm_hzkZO1
.marchofdimes.org/ Name: _ga_0DRBVSJJB1
Value: GS1.1.1704204952.1.0.1704204952.0.0.0
www.marchofdimes.org/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1704204952913%7D
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 4d883c60-8150-448c-ba19-841a5c1b3f6f
.ipredictive.com/ Name: cu
Value: 9bae7a12-121c-4c6b-a613-723c0e1c530d|1704204952941
.adform.net/ Name: C
Value: 1
.adform.net/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: uid
Value: 4679540176611712457
.adform.net/ Name: CM
Value: 1|1
.adform.net/ Name: CM14
Value: 1704291353_1704204953_1_Hu7u4e4e4R7u4e4REREeEREREQ
.seadform.net/ Name: uid
Value: 4679540176611712457
.eyeota.net/ Name: SERVERID
Value: 17248~DM
.casalemedia.com/ Name: CMID
Value: ZZQamTD6e5UJurizQ-wtPAAA
.casalemedia.com/ Name: CMPS
Value: 1206
.casalemedia.com/ Name: CMPRO
Value: 1206
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 4679540176611712457
.ads.stickyadstv.com/ Name: UID
Value: d0bba299cf7d9604ad96865a1d93a6
.semasio.net/ Name: SEUNCY
Value: 297EDE5A082CC671
cm.adsafety.net/ Name: UID
Value: CM12024010214252acea4e840ccb076c
.adsafety.net/ Name: cm_uid
Value: CM12024010214252acea4e840ccb076c
cm.adsafety.net/ Name: cache0
Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaMndMTmhiODJnR1VIeWFCbzE0TTVpSmxaaUk0RFNWSnZqSkRaR25ialFXY1JhaU5GeVROQUdqYW5FVUU1RWcxYk9lb2VBRDJydmtCUE0rMnJ3SG5ZR2Y5MzlVZk11S0ZxcXIrSzdENDlyWitTd2Z0LzhGNHZpeE02MjVnSkk1bTZyOXdRRC8zOE9pVWxDTVM3VmdFUklzPQ%3D%3D
.exelator.com/ Name: EE
Value: "53427dc21dad7e186c545af5dbb862d6"
.adnxs.com/ Name: anj
Value: dTM7k!M40<D>6NRF']wIg2GVHjYo<U!]tc58i_imf$9G=A^A.w4RU5k)-GYG4KdFhJ%m2h?kiQ]B?-)iTD4YQo5i@?nrTu!REBMuhW7x6t%2dJ[]QNnu')ij%sS1-=Gy$5t47!b1IK>a$s5PS%]jhz0y=/d!!$nu/DcbV
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHU2MTIPCXZyDAlMcU81dDCLNnUxDQxzTQlKcnCzCjFbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6IhfXxUUpaQyLSopPBR9LdQEArn4qMQ%253D%253D"
.media.net/ Name: data-c-ts
Value: 1704204953
.media.net/ Name: data-c
Value: k-CYwj8qNBKjsZyTbMNKqqQt1NaN00Bbv4yEpC9Q~~3
.adfarm1.adition.com/ Name: UserID1
Value: 7319504538843216017
.demdex.net/ Name: demdex
Value: 12990568880681314274251826280967779066
.audrte.com/ Name: arcki2
Value: bdbvEoyDC0RQJyGHd2-3lS9UA!20220908!1704204953908!ip#178.162.209.132
.audrte.com/ Name: arcki2_adform
Value: 4679540176611712457!20220908!1704204953908
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-45HbB6NBKjsZyTbMNKqqQt1NaN2PEI2B-gWnDg%22%2C%22version%22%3A%22criteo%22%7D
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22708a8fd0-a979-11ee-9034-9939ad1ec169%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22708a8fd0-a979-11ee-9034-9939ad1ec169%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22708a8fd0-a979-11ee-9034-9939ad1ec169%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22708a8fd0-a979-11ee-9034-9939ad1ec169%22%2C%22version%22%3A%22eu-v1%22%7D
.media.net/ Name: visitor-id
Value: 3472065531491609000V10
.agkn.com/ Name: ab
Value: 0001%3AYIYYZOLnj1GJpBdNW68SIOGZuE9tybYG
.bluekai.com/ Name: bku
Value: aG/99JASksUc1xAy
.bluekai.com/ Name: bkpa
Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwExtBpANBe9hBpRt1EWl1E/6BEze9JlYYeL=
.omnitagjs.com/ Name: ayl_visitor
Value: 5ae60f2dbdcfe1b614b56a31a1d8b87a
.dpm.demdex.net/ Name: dpm
Value: 12990568880681314274251826280967779066
.google.com/ Name: NID
Value: 511=VfMdp3HFvsWTOP3Au_PqPWq7VkWJXthKvrS8GQSfMxTtYKToDHtHqZm7qxLScFT5m_xl1WAGAP3eMTxmxmtEEiAKb3nhSa_Z3kjs7_MtaZbQN2Uen8eHIICLV9xar7UteaTwNxmW0ioSzc_9JFihg1M5I-kVqN2eV_UaN0SHRrI
.krxd.net/ Name: _kuid_
Value: QAwMnQF0
.audrte.com/ Name: arcki2_ddp2
Value: bdbvEoyDC0RQJyGHd2-3lS9UA!20220908!1704204954014
.w55c.net/ Name: wfivefivec
Value: qmgp93LL1RkFyG5
.w55c.net/ Name: matchadform
Value: 5
.weborama.fr/ Name: AFFICHE_W
Value: e-ZjjFqH8Ct797
.tremorhub.com/ Name: tv_UICR
Value: k-XG9IAKNBKjsZyTbMNKqqQt1NaN2iet0Topt3Og
.tremorhub.com/ Name: tvid
Value: 0b10670e1c534388b67102a899473882
.www.marchofdimes.org/ Name: __stripe_mid
Value: c7884a7d-e64b-4df5-9480-7ae5f55c04626d9059
.www.marchofdimes.org/ Name: __stripe_sid
Value: abe58541-7485-48fd-98f2-5dda694f5367da1ff1
.postrelease.com/ Name: opt_out
Value: 1
api2.hcaptcha.com/ Name: __cflb
Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRCq9diaFSyKMo
m.stripe.com/ Name: m
Value: 9ee4553d-3582-4ed8-8f95-0eb6508613aebb4b97
api.hcaptcha.com/ Name: hmt_id
Value: 84660189-6703-427a-92a3-739337ec954b

17 Console Messages

Source Level URL
Text
other warning URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Message:
Allow attribute will take precedence over 'allowpaymentrequest'.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=924843908693?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=924843908693?(Line 142)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://idsync.rlcdn.com/398366.gif?partner_uid=4679540176611712457
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=4679540176611712457/gdpr=/gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html#debugMode=false&parentOrigin=https%3A%2F%2Fwww.marchofdimes.org(Line 2)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='), or a nonce ('nonce-...') is required to enable inline execution.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=4679540176611712457
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-pYDEr+z0BJPuEz+BXEjyV4f5XAUml66O8uXNxrWB6Ho=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8832015.fls.doubleclick.net
a.audrte.com
a.twiago.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.ipredictive.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
amplify.outbrain.com
analytics.tiktok.com
api.adrtx.net
api.fundraiseup.com
api.hcaptcha.com
api2.hcaptcha.com
b.stripecdn.com
bat.bing.com
beacon.krxd.net
c1.adform.net
cdn.cookielaw.org
cdn.fundraiseup.com
cdn.resonate.com
cdn.taboola.com
cds.taboola.com
cm.adform.net
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dynamic.criteo.com
e.acuityplatform.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
exchange.mediavine.com
fndrsp-checkout.net
fndrsp.net
fonts.googleapis.com
give.marchofdimes.org
global.ib-ibi.com
go.marchofdimes.org
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hcaptcha.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
insight.adsrvr.org
jadserve.postrelease.com
js.adsrvr.org
js.ipredictive.com
js.stripe.com
load77.exelator.com
loadm.exelator.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.contentexchange.me
match.sharethrough.com
matching.ivitrack.com
merchant-ui-api.stripe.com
mug.criteo.com
newassets.hcaptcha.com
pagead2.googlesyndication.com
pay.google.com
pdw-adf.userreport.com
pips.taboola.com
pixel.quantserve.com
pixel.rubiconproject.com
play.google.com
pm.w55c.net
ps.eyeota.net
px.adentifi.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.casalemedia.com
r.stripe.com
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
secure.quantserve.com
sentry.fundraiseup.com
simage2.pubmatic.com
snap.licdn.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.fundraiseup.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.outbrain.com
sync.teads.tv
t.paypal.com
tags.adsafety.net
tags.bluekai.com
tags.srv.stackadapt.com
token.rubiconproject.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
ucarecdn.com
uipglob.semasio.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
wave.outbrain.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.marchofdimes.org
www.paypal.com
www.paypalobjects.com
x.bidswitch.net
global.ib-ibi.com
104.17.71.206
104.18.13.242
104.19.218.90
104.19.219.90
104.26.5.251
108.157.1.118
108.157.194.91
13.107.42.14
139.162.141.41
141.226.224.32
141.226.228.48
142.250.181.230
142.250.185.162
142.250.186.98
151.101.1.35
151.101.129.44
151.101.192.176
151.101.65.21
154.59.122.94
162.19.138.119
172.64.151.101
172.67.72.38
178.250.1.9
18.154.63.14
18.193.153.136
18.196.116.41
18.196.5.91
18.239.69.20
185.167.164.43
185.64.191.210
185.89.210.122
188.114.96.3
188.114.97.3
192.229.221.25
198.202.176.81
2.16.110.67
2.19.106.209
2001:4860:4802:34::36
216.58.206.38
23.213.165.82
23.218.209.56
23.50.131.84
2600:1f18:612b:4200:cf3b:d950:bab4:515a
2600:9000:211e:0:1b:5138:8a40:93a1
2600:9000:223c:2e00:6:44e3:f8c0:93a1
2606:4700:10::6816:4345
2606:4700::6810:3865
2606:4700::6812:83ec
2607:ae80:4::26
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4013:c04::5c
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:3500:16::215:1490
2a02:26f0:780::210:a40a
2a02:6ea0:c700::18
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::300
3.123.203.242
3.127.178.105
3.33.220.150
3.75.62.37
34.117.157.22
34.209.252.180
34.240.241.48
34.248.85.3
34.98.64.218
35.156.199.89
35.190.24.218
35.244.174.68
37.157.4.29
37.157.5.133
37.157.5.72
40.160.4.235
46.137.112.167
46.19.11.36
52.17.48.145
52.211.145.149
52.218.37.107
52.28.24.250
52.57.138.113
52.86.238.173
54.165.111.121
54.170.164.95
54.186.23.98
54.194.99.174
54.216.105.108
54.78.254.47
64.202.112.127
65.9.66.72
69.173.144.139
69.173.144.165
70.42.32.223
72.246.169.24
72.44.44.12
74.119.119.150
76.223.111.18
77.243.51.121
85.114.159.93
85.215.5.31
89.149.192.201
89.163.155.32
91.210.226.74
95.101.148.20
019696b175f8558a9f629b596b30b4715bf1219fbee3e3588dbacfb1582df84c
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
05a877586481c2150fbbd6e53ec1ce9ffe534635ea5b12dbdb93b7c26848eb74
06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
074d6e29e3e1ca806261dfed28139969439e9370cba7c00d5ed7bc2da61e6dc5
0759fd6bed5370e4bc3c573dedceaeef9d7b64efc7343a10d0b147ac0b04ad53
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0bf7bc0004aeb0dc1b7bb23f128ac24f0302a776cd1950295bc6ffae6e990bf2
116448ff3191f74560d6d91c76cebc18ec741564aa62d5c6f8bdf8f611e8a2b7
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
16b59918ab6733c57a8a7a9d6a1968d29e79df70c67909ddf241e029d0c15230
183d1f7f458dfc35496d9eb446598b1b96658ab4dc316b23cea4cd7bfcd4c8ea
18b65fdc6da2826c107418e5c689078ff47b54e7f2fc690546c33dbd3b343125
1bc9a95a5a47428df5254bd2966385ee4c11cf185e7be35babfad4b4d5bb0239
1c2e62deea90ad8ea208037abde538d6100d5a3efce136c89e64a80c1b1c6b07
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
218b91569ad8f0a5cf1aba89f3957966ecffb7b5852ca25b709bd8f887a00c90
225cd565a241fd2329d7fbdc32be0c9d94ac4692b5f9b507454604980a418c70
23098142daf44c1cb7d244684146fb6ecb0568274118ae3f62cef67034551ef2
24049fb41335d87d82a9faea10cf9aa2a0ef868037667b029d2953a940cdf67b
25c3a3c0aecc1c3cdb989b17c48a9a75970beb6343e0df0c2651ba5eb75c900a
26dd3e70c1aa731ac4c5a27ac65c200ceb2756eca0ae5862e8fab8b7d4985dd0
276867c5c3ce0b2f35e900e8e9c73fa7dc25a53802bb365f2d20642fd253f79c
28a17f4ecd44eae4f37dfecabf3d36b995ff77b4b9d9d9084dc839e2f1bcbf4d
2972ea87cd5c4adceba0baf8d735c0dae6512fd7bb276586f5ef9b707b2cde92
29dd43eecab7da13ab1c7d6b8e8c2164fcbd0e7aef445cf7103c23e0a652fbe1
2a79623b8606d1583bada494ecdaac61b10440ba7a0da23185892f9d86f172dc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aa9b0ccf31fe34e187c3b09bec7e9d8fccdeb48a5b2223d9f80df2a8790a6af
2ac93c14f7863cc7b7df8e279a534c4940cae9a66ae48192761c6b7c5986eee2
2ceee682f306a64e8cf1b48d513f71a81dc852709cf2b36b3d9b3719fac0b0fa
2d414e5f00e69a14d9e552014d9f932df7c40b618b2904726170fb689ef8fe87
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
31c9ef99aae6896ff764e44f3cc121359d2a42dc49389a16a8b236f6e8aacfca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c2ce3fc3f9f303fb23219d570a67d0c55951c3f6c81b25e440ba6fb68e60d9
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
337738b644c1b01e37308c9026995b63c20387f9bc8f219cb99f72eb3b23f35c
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2
377a6ada8b0adaf4e37c51a736bda1e6a66e2339322ce58193e81d5909ee2fb3
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3a06c60d0bdaeba9a685c6b98ec4108e8358606ae608bc2866b3873ba36e8be5
3a240243a42eb267f22d7f872b2c0638a3717cdb26ca1b014b151129b17cdb82
3de7a0f6d4d192cc931ffc60dcd9c41cf823614d8fe3264c7553611853a2dc52
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ed0a4e695771f9903b95ac84166dbb8b89a5f6ead020bdba7fccce3d082e2f8
3eeaf7446956d4f52db0d9d320988723bec23129315a8daedf665bab334d6b21
40f7997ff37aac676d939dbdb0d33f6381fc5b66de4e4c79240e6e9503b14c15
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
4144ecfa21078502c6ccd95fcf8d2e5c6cb44d98a12d22dbfeb3745eadb612f3
420a436e0e9e1c48a2f9ce50b59fdb2b805d0274cc20fa569fd1726c4dbf90e9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4471ccb98d7627f19e1fd997e5562b4be936baf86b6597eb63330c6843fc59c1
448f20382358c1983b60b912fe6bbb071f39a54a1fced1e643450e90244f1fdc
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
46bd0733876c7af65031bc638d05b096cee0f9d2f8cc136dafa1405a88ae0df2
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
47a019a4a25f09f59e801a8b3d77f63a3a975a4c763f8430defa7987e14d7d64
49e6f18090a8c3b811e5d7d50a1cd9e83272f1ecbea95624373950070500a90d
4aa2fdddfcb25552a1713673a954bc864de1a7b22dc0ebe664fe8ddb6bcb21ee
4b57a6d97fc4340e01339086713fe15bc8c6bace25a8fa8b8682558c953c444a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc9b49ae6ec81de78cb07234ba748e5f186b819079eca3e7e82db4690641275
4c73ae3eda72c7eef8b13c75031180df1d81626dec2a68a846094d697fec3546
4d663da5e7f6fe773fda5fe642d04a71cd988f1132b343edb5be914d44a1f534
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7f6cd883b421b03d88891e93891fc89bd7e4cde0266009f72250f0092302aa
4f165b99a606b17d7e7414ec0b6b4cab7938d115ff690819d678548f70b0501c
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
517aa5c6549c92ef5244d8e9df5d662310d50ca9419b12b9157e67ff640be3b8
52142e0671ba7294da28434e2a92636b8848c1fe284fe09543c4e8f7e4716d11
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551d2b6788462322d7e91da4329806e55373231f3a1d4e667f68d4cbb32d4fb5
55934d27fdb4a14ddc59cac40e940a9c8100acc76c156e9be5f3b9c0dff6569f
564997debc20f446a4f38720248e1dbaaaa15ee5e40de23c946a0af7aadc6b47
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56ad03c437c7bffeaa409713e3fbe17bc683214c796ee523df50002af222f6f9
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494
5adceb2b0d02bfc2389c6e88a7df65d5f5261523d06efd195021294e34c402b7
5b17a420163b181948e21b8a69880c8f8098f369084006bfa920b62194ff3c81
5cc76e7f5b027b2566d97e2701af7b605a376c4a0487302d2634bbceb67eb349
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fbdec47eb761902c4f7d14ccd5a3b97bbaca6a18d485482157fff7f97684d3d
5fda46ad6de82ed65908428f090ab3cb24da2b2ab22e3f19e2713e94eecdc907
6109a9264c6bb75eaf69d45fd3fc6f193794adac940245584a014c10d334dda5
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
6390d9e5b98e80d8c673c3625bcdb3af96a535ad7e122a7237b52c58c15c7172
642c3f67dbc0d646b7d2508b081e0a6040a7be94478f0cd6d2a6de21f5d11ed7
642d50bf95258a7181203326b05c08982dc5298ff21982594594a2ece141bed8
6432a66c7d8240059ca76b571620dd0f54b4d3a5dc05fccf8cff7c8304bc9493
6514b472d22e99c9ff9fd09d7cb73046b276a1fbc114a71b09972897909c42a4
67babd89dd5d6e783cbe7ba05cb7d77c2c3ab7bb0b3ba87b185b391a21e8cc35
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69c942423058ca7c0d54a661d67cded9d06b9f030dd45e434bcc72cd150e7e92
6a238ee37768c0cca88e1a160b3cea1b27b61b57c5509c60d4381eb41ed83e0d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1dccb5a273ea2fadd2437f76d7e4b897e7c5f461f52c0b72cc7e74db13cca2
6bc9933cf1275da02fd11435520dee63def1c7e8f1c2be9f1e53d2a6e42279fc
6cc4700b8677a899840ce32bc6c1b5d5405e5d7f2e14a338ed95e4fe40a2bb96
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e32333b3ebb79a87cbf33c3610c57fc17ded0f628e6f0ccdabbf2875b070929
6ec65ff8562887c03245269b73d1ebb60f6f619d9bad49c6ce2c956e7a0826f4
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7176a2935514018f4c12a99dccc108407f9f4bdd7c1be1a097cbec7a90fb7542
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92
7a5d1a8956ee3f319edea53bf11ba07988f8c6a0b6204633cee6a41b4b216127
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
81cde3f01b38120a310a1511896c42f68a46f83b6a5ea874ca447de65563cdc2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837600943c21fa2ba2607395383c67e96318e30b94c32bb0521351d94ac22b62
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b21363e68e52f1ba52f2f292a183e39f00372c248ecfaf0c5c1fa671ff46a00
8c539677a5fa924b3f663fbe2026616c64bd4080701b43c04e6489f9d31ccb87
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d
8eeb23a1dcd42802d5d861556c6ae4848a05fd28cd22bb8ed884015b62eefd9e
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9516e1c23610840cf3f86fc18968a997a2af08e5f42e0093013f0836285d30bb
98b2231b86974817ee296cd79e82374ecaae68b096638100e4bdd0b0386a2997
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
9fb218a2b6a039eaf89cbd37cd1555bc0f0398efdffde33a410990feda30a3c6
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4
ae885067159b6a4c7f153446d01bd1e0405d0acd180089840397091758a42695
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
b410913850321efd333e39ddf1a5d49a433b29721126ec6d785f8f039e98bc32
b4a930b964d41cd26dff933f80902506f978fdf779c8027becc659f21264340a
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b596c15fc92d124e18473ffa1d9529ea88cf1918efa33f00447fee4113a68338
b73c2239b5b0ae6e051cb135734dc2101aeaf9032dd6b2c29ce9679330fc0bd0
b81f50d6d819dd6d6aaf0cb6402329f0479c734ad2f0918eb9f8366b66f78c83
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
bb83ac4c1a72227dd5036318370e6523f7a06d0e9f791efb6f6fe34b22621ce5
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
bff4e5a01e8dd93a69abd5a5531d53cd891f65134c552718134e0adeda2be295
c09f9bc171c32544001b130b5ed1f7f2e2b8c1ac817823452288bc678afc57e6
c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6
c0ee34fcf7db9c8bc2412f47c264d8de575c2d477198cabc635ba538ddcd77f0
c1f92dcc7494187b5787cabe4834de25f4502ff2aa4228956b919785118df04d
c3c193a2e64fe803deba1f8c52fbec46e6a2089c546d8b18dc1f9a56ec4ca692
c42a32f2aed68470df2b2a8426a9f0e78c0ef0e55a43c73175855ef777ae6724
c50703a9859028e070c5ba54517ac39c873fcfc5015907f5dac21c78648ccbdf
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f
c963fd1212d60ca1c683bccb3c3ace830cdedc1dccf7256c112a9708f9e7cf88
cb48d9e8351750646223a61d5868a0eda7972e2ea278c69677577300810b0ad4
cb6f9e60e6bf41a5af731690552807e6e4ca7be8994fd8804b9cf15592d3ef5c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1802297dea21b3e6a860ccb64dac092312598f1743b8b6b9dd6c30adb4bfe45
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d3f7e24515a6e8e17332b556ae1a433f0b6e00cdaea90167be98c2734b0049a0
d4660c763169716a38ee1153d2cc4eca87ca421195d67bd89ea964b10bfbacac
d4eb6180b5107f5ec5cd73a858d470b0e2ee8671a4730e67ebcd73fabe0edb39
d557d084bb45b79e6c03776d4d1a74c4af7706d68df16bffecf2b1b5e15849f2
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8a46eeb51fdfb067d8893f32f255041ef7eb8f53c2f5e1d02c3d1fd4e575ef6
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
db2fe02b994fdded9fe3acc3f595150e738f4a0c34d9a41e76a6627be26b5352
dbf123460c457a94828a37116d5bee81c7f03af4c5cb17dcf5edb6ce9005ccfc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddc4f19e31795b978d4578949e507c0a1c9fad7806dd974f33e1d18483663a38
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de732a54c2dcc5a603351f3041e584d42f13e898b0df903a6423dbda233ae5f3
df9d8e18a3cec3afcf01338e9a26209eeb89e3d0eaf97f0d5298f039776ffc8a
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e143983a25e144062878cdef0046239b3f6866ff9f242786b705b0993bedbbf4
e2717d806962fe1e4c9810ca869fb82c8bbd86638ca6787d01ff8c947c20df3c
e2a900b2a6524b9f6a640eddeda6e045bea4aff194c9203ea660e6db5743b69b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46de8ce43bbbc4282b65b9805f4f7c462f812ce23b615379b468beb09a989a7
e46fc9b808a314306814560c5c41ba2ca0a9b78ee120d381c3ac4608c59316d9
e50d15896eb602b52225697467a0e13195cddd10423d86ccafc7598f8a6a6111
e6f672e4624adf7f76bb6c0b7f5eaef89011341493fdfeb0bdfb4151aeb9fef5
e7c9e0c637802afc6a28d9b2a53ad9f33123f15787be4330c2c4d15dc3035f09
e7e7f216e2add2e5655784665bea48f8efed39c8be96c40782b3f0cf84df6bbf
e944de09b6e048d89b1dff57baf718b2ac1dc0d273e55560decb4c82cc828c8f
e9719b638317091bed0ab518c0ef99c5dbf1a3083d8b481673d376c47b3da124
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
eefe1e7d99ab4810bfb479ff54c275efb459b6ae9abfebfd221c4a518ead27d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e49c9b4d9553227397b7dfaa8c8f46f197b410cff5942279711cd49c62abf
f039983da8b48cf2ad315102774be94a7e79bd4a9f26a751b9971bb74304233c
f16ade3e5da5d485764a1d4ca2aa3f94f757b785195b04d391de88680adf76ea
f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3
f300f66c1304e23bfc15a23908129f0b10ff24c89f5a2727bc52735acda82d57
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
f55809ae21d5dcfb8a6e01596d12eb88c0630f7e0aeff4c285b981df7864aed5
f6745aadd2615bf28153084daad04bd0181770b0679ccdfc7ef128972b535ff5
f78f9f64b818b626fa9eefea8a76e630c309528f915a1c6f34f1f2651f988762
f8cd06506717ca4b233b2fd62746d5a39c9230b4ea3c4bb56206edf928ed8d05
f8e7a944adcb9d32eaf4e2f6e85cb7d1f9029b74de22ad7ff2d46ef82b189c95
fb9c55f9d97f190529ed2b873c1b9e35e061cf61dfaa1756b42671314d89fe37
fc3a41aaf9de8dcdbb1aa7c552942868390ff131f4ae48acd79df9d5a7ff996f
feece42caba667125295d9bb9eaede032f1af2209f7e1ec2e09965074d449605
ff02af5e5776f8284ea202d7f0337c3a38324f1590d317207514c564b22e9bb3