westernusa.salvationarmy.org Open in urlscan Pro
3.234.103.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://usw.salvationarmy.org/
Effective URL:
https://westernusa.salvationarmy.org/
Submission: On November 08 via manual (November 8th 2023, 4:50:57 am UTC) from IN — Scanned from DE

Summary HTTP 412 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 89 IPs in 5 countries across 73 domains to perform 412 HTTP transactions. The main IP is 3.234.103.103, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is westernusa.salvationarmy.org.
TLS certificate: Issued by Amazon RSA 2048 M01 on August 21st 2023. Valid for: a year.

This is the only time westernusa.salvationarmy.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	65.126.242.58 65.126.242.58	209 (CENTURYLI...) (CENTURYLINK-US-LEGACY-QWEST)
5	3.234.103.103 3.234.103.103	14618 (AMAZON-AES) (AMAZON-AES)
13	2600:9000:264... 2600:9000:2646:3c00:11:c186:a480:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a02:26f0:350... 2a02:26f0:3500:16::215:1490	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
3	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
24	52.219.117.120 52.219.117.120	16509 (AMAZON-02) (AMAZON-02)
22	2600:9000:21f... 2600:9000:21f3:c600:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	172.67.23.169 172.67.23.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.217.200.24 52.217.200.24	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 29	2606:4700::68... 2606:4700::6812:c55f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	23.212.212.65 23.212.212.65	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
7	34.254.109.178 34.254.109.178	16509 (AMAZON-02) (AMAZON-02)
4	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	34.252.33.233 34.252.33.233	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.135 63.140.62.135	15224 (OMNITURE) (OMNITURE)
1 1	52.210.47.152 52.210.47.152	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1	66.235.152.152 66.235.152.152	15224 (OMNITURE) (OMNITURE)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
3	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
16	2606:4700::68... 2606:4700::6813:d483	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	35.186.236.204 35.186.236.204	15169 (GOOGLE) (GOOGLE)
1	93.184.220.12 93.184.220.12	15133 (EDGECAST) (EDGECAST)
1	2600:9000:214... 2600:9000:214f:ba00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	3.124.24.218 3.124.24.218	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1 4	172.64.109.3 172.64.109.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.156.25.133 35.156.25.133	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	18.197.205.175 18.197.205.175	16509 (AMAZON-02) (AMAZON-02)
8 14	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	193.108.153.28 193.108.153.28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
8 8	13.32.27.113 13.32.27.113	16509 (AMAZON-02) (AMAZON-02)
6	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 5	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 6	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
3	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
2	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
2	44.216.205.237 44.216.205.237	14618 (AMAZON-AES) (AMAZON-AES)
2 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:1f18:612... 2600:1f18:612b:4280:43c0:214f:6eb7:4a47	14618 (AMAZON-AES) (AMAZON-AES)
2	35.156.144.148 35.156.144.148	16509 (AMAZON-02) (AMAZON-02)
2	63.32.86.161 63.32.86.161	16509 (AMAZON-02) (AMAZON-02)
2	3.67.182.127 3.67.182.127	16509 (AMAZON-02) (AMAZON-02)
9 9	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	192.132.33.68 192.132.33.68	18568 (BIDTELLECT) (BIDTELLECT)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
5	2600:9000:225... 2600:9000:2250:1a00:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.38 13.32.121.38	16509 (AMAZON-02) (AMAZON-02)
23	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	2606:4700:10:... 2606:4700:10::6816:38f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.189.49 13.224.189.49	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	162.247.241.2 162.247.241.2	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	2606:4700::68... 2606:4700::6812:7c49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
40	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	18.66.147.3 18.66.147.3	16509 (AMAZON-02) (AMAZON-02)
4	44.228.215.240 44.228.215.240	16509 (AMAZON-02) (AMAZON-02)
1	3.94.174.107 3.94.174.107	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:1450:400... 2a00:1450:400c:c00::5c	15169 (GOOGLE) (GOOGLE)
1	52.30.58.64 52.30.58.64	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
412	89

2 65.126.242.58 (Salem, United States) 2 redirects

ASN209 (CENTURYLINK-US-LEGACY-QWEST, US)

usw.salvationarmy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.234.103.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-103-103.compute-1.amazonaws.com

westernusa.salvationarmy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2646:3c00:11:c186:a480:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.salvationarmy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1080:1 (Germany) 2 redirects

ASN200325 (BUNNYCDN, SI)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 52.219.117.120 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1.amazonaws.com

s3-us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2600:9000:21f3:c600:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.23.169 (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.guidestar.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.200.24 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

8879652.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10359058.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700::6812:c55f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sdk.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
give-usw.salvationarmy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.212.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-212-65.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.254.109.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-109-178.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.33.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-33-233.eu-west-1.compute.amazonaws.com

thesalvationarmy.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.135 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-135.data.adobedc.net

thesalvationarmy.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.47.152 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-47-152.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.152 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-152.data.adobedc.net

thesalvationarmy.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6813:d483 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.236.204 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 204.236.186.35.bc.googleusercontent.com

mpp.vindicosuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.12 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cache.vindicosuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:ba00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.24.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-24-218.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.109.3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.25.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-25-133.eu-central-1.compute.amazonaws.com

collect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.205.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-205-175.eu-central-1.compute.amazonaws.com

visitor-service-eu-central-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 193.0.160.130 (United States) 8 redirects

ASN54312 (ROCKETFUEL, US)

20682257p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20682259p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.108.153.28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-28.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.32.27.113 (United States) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-113.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.216.205.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-205-237.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4280:43c0:214f:6eb7:4a47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.144.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-144-148.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.86.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-86-161.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.182.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-182-127.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.2.49 (United States) 9 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.68 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.68.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

files.doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2250:1a00:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-38.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:38f5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.inspectlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hn.inspectlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-49.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.2 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:7c49 (United States)

ASN13335 (CLOUDFLARENET, US)

prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-3.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.228.215.240 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-215-240.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.94.174.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-174-107.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.58.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-58-64.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 m.stripe.com — Cisco Umbrella Rank: 1249 r.stripe.com — Cisco Umbrella Rank: 3546 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5203	1013 KB
39	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 105 pay.google.com — Cisco Umbrella Rank: 2685 play.google.com — Cisco Umbrella Rank: 28	843 KB
35	salvationarmy.org 2 redirects usw.salvationarmy.org westernusa.salvationarmy.org static.salvationarmy.org — Cisco Umbrella Rank: 217742 give-usw.salvationarmy.org — Cisco Umbrella Rank: 728657	1 MB
25	amazonaws.com s3-us-west-1.amazonaws.com s3.amazonaws.com	1 MB
22	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1253	150 KB
18	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 5477 api.lightboxcdn.com — Cisco Umbrella Rank: 6930 s3.lightboxcdn.com — Cisco Umbrella Rank: 17832	474 KB
17	classy.org 1 redirects sdk.classy.org — Cisco Umbrella Rank: 45548 www.classy.org — Cisco Umbrella Rank: 84512 prod-frs.content.classy.org — Cisco Umbrella Rank: 48327 pay.classy.org — Cisco Umbrella Rank: 52580	1 MB
16	gstatic.com www.gstatic.com fonts.gstatic.com	600 KB
14	rfihub.com 8 redirects 20682257p.rfihub.com — Cisco Umbrella Rank: 274971 20682259p.rfihub.com — Cisco Umbrella Rank: 281613 p.rfihub.com — Cisco Umbrella Rank: 868 a.rfihub.com — Cisco Umbrella Rank: 2969	24 KB
14	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	43 KB
13	doubleclick.net 5 redirects 8879652.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 10359058.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	6 KB
10	everesttech.net 10 redirects cm.everesttech.net — Cisco Umbrella Rank: 1275 sync-tm.everesttech.net — Cisco Umbrella Rank: 709	2 KB
8	rezync.com 8 redirects live.rezync.com — Cisco Umbrella Rank: 1922	6 KB
8	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 228 thesalvationarmy.demdex.net — Cisco Umbrella Rank: 261094	11 KB
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 506 p.typekit.net — Cisco Umbrella Rank: 621	214 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	550 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 secure.adnxs.com — Cisco Umbrella Rank: 495	5 KB
6	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 415	209 B
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	267 KB
5	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 5366	141 KB
5	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
5	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1584 secure-ds.serving-sys.com — Cisco Umbrella Rank: 2642	18 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 14376 www.google.de — Cisco Umbrella Rank: 6862	1 KB
5	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 393 fonts.googleapis.com — Cisco Umbrella Rank: 31	167 KB
4	getrockerbox.com 1 redirects getrockerbox.com — Cisco Umbrella Rank: 5111	11 KB
4	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3887	382 B
3	doublethedonation.com files.doublethedonation.com — Cisco Umbrella Rank: 66723	133 KB
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 522	476 B
3	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 924	373 B
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 874	761 B
3	omtrdc.net thesalvationarmy.sc.omtrdc.net — Cisco Umbrella Rank: 233391 thesalvationarmy.tt.omtrdc.net — Cisco Umbrella Rank: 246530	1 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	70 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	394 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	53 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	7 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2317	273 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1771 api-iam.intercom.io — Cisco Umbrella Rank: 2191	4 KB
2	inspectlet.com cdn.inspectlet.com — Cisco Umbrella Rank: 10829 hn.inspectlet.com — Cisco Umbrella Rank: 11165	63 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	18 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	291 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 758	676 B
2	agkn.com aa.agkn.com — Cisco Umbrella Rank: 560	753 B
2	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1279	349 B
2	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1652	364 B
2	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1570	217 B
2	media.net contextual.media.net — Cisco Umbrella Rank: 691	1 KB
2	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1148	688 B
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	610 B
2	tealiumiq.com collect.tealiumiq.com — Cisco Umbrella Rank: 3455 visitor-service-eu-central-1.tealiumiq.com — Cisco Umbrella Rank: 32745	1 KB
2	vindicosuite.com 1 redirects mpp.vindicosuite.com — Cisco Umbrella Rank: 6814 cache.vindicosuite.com — Cisco Umbrella Rank: 47073	806 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	762 B
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	124 KB
2	rawgit.com 2 redirects cdn.rawgit.com — Cisco Umbrella Rank: 12123	1 KB
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 2623	954 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 562	17 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14270	43 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 903	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 31447	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 376	239 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 826	163 B
1	ispot.tv pt.ispot.tv — Cisco Umbrella Rank: 2651	315 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5089	6 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1384	402 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1161	17 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1452	637 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1333	8 KB
1	everestjs.net www.everestjs.net — Cisco Umbrella Rank: 8450	4 KB
1	ytimg.com s.ytimg.com — Cisco Umbrella Rank: 11057	8 KB
1	guidestar.org widgets.guidestar.org — Cisco Umbrella Rank: 32552	4 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
412	73

	Domain	Requested by
28	r.stripe.com	js.stripe.com
24	play.google.com	www.gstatic.com
24	s3-us-west-1.amazonaws.com	westernusa.salvationarmy.org
22	tags.tiqcdn.com	westernusa.salvationarmy.org
21	js.stripe.com	cdn.transcend.io js.stripe.com
15	give-usw.salvationarmy.org	westernusa.salvationarmy.org give-usw.salvationarmy.org cdn.transcend.io
14	prod-frs.content.classy.org	give-usw.salvationarmy.org cdn.transcend.io prod-frs.content.classy.org
13	www.lightboxcdn.com	westernusa.salvationarmy.org www.lightboxcdn.com cdn.transcend.io give-usw.salvationarmy.org
13	static.salvationarmy.org	westernusa.salvationarmy.org static.salvationarmy.org
12	q.stripe.com	westernusa.salvationarmy.org
9	sync-tm.everesttech.net	9 redirects
9	www.gstatic.com	westernusa.salvationarmy.org pay.google.com www.gstatic.com
8	pay.google.com	js.stripe.com pay.google.com westernusa.salvationarmy.org www.gstatic.com
8	p.rfihub.com	6 redirects westernusa.salvationarmy.org
8	live.rezync.com	8 redirects
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com westernusa.salvationarmy.org
7	fonts.gstatic.com	fonts.googleapis.com
7	dpm.demdex.net	westernusa.salvationarmy.org
7	www.googletagmanager.com	westernusa.salvationarmy.org www.googletagmanager.com
7	use.typekit.net	westernusa.salvationarmy.org use.typekit.net s3.lightboxcdn.com
6	idsync.rlcdn.com	westernusa.salvationarmy.org
6	region1.google-analytics.com	www.googletagmanager.com
6	connect.facebook.net	westernusa.salvationarmy.org connect.facebook.net
5	cdn.transcend.io	give-usw.salvationarmy.org cdn.transcend.io
5	dsum-sec.casalemedia.com	2 redirects westernusa.salvationarmy.org
5	ib.adnxs.com	2 redirects westernusa.salvationarmy.org
5	bat.bing.com	westernusa.salvationarmy.org
5	www.google.com	1 redirects westernusa.salvationarmy.org
5	westernusa.salvationarmy.org	westernusa.salvationarmy.org
4	m.stripe.com	m.stripe.network
4	a.rfihub.com	2 redirects westernusa.salvationarmy.org
4	www.google.de	westernusa.salvationarmy.org
4	getrockerbox.com	1 redirects westernusa.salvationarmy.org
4	pixel.sitescout.com	westernusa.salvationarmy.org
4	maps.googleapis.com	westernusa.salvationarmy.org
3	s3.lightboxcdn.com	www.lightboxcdn.com s3.lightboxcdn.com
3	files.doublethedonation.com	give-usw.salvationarmy.org files.doublethedonation.com cdn.transcend.io
3	us-u.openx.net	westernusa.salvationarmy.org
3	image2.pubmatic.com	westernusa.salvationarmy.org
3	cm.g.doubleclick.net	2 redirects westernusa.salvationarmy.org
3	googleads.g.doubleclick.net	1 redirects westernusa.salvationarmy.org
3	bs.serving-sys.com	westernusa.salvationarmy.org
3	tr.snapchat.com	westernusa.salvationarmy.org sc-static.net
3	www.youtube.com	westernusa.salvationarmy.org cdn.transcend.io
3	www.facebook.com	westernusa.salvationarmy.org
3	stats.g.doubleclick.net	www.google-analytics.com westernusa.salvationarmy.org
3	cdnjs.cloudflare.com	westernusa.salvationarmy.org
3	cdn.jsdelivr.net	westernusa.salvationarmy.org
2	js.intercomcdn.com	widget.intercom.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.googleadservices.com	cdn.transcend.io
2	api.lightboxcdn.com	westernusa.salvationarmy.org cdn.transcend.io
2	x.bidswitch.net	westernusa.salvationarmy.org
2	beacon.krxd.net	westernusa.salvationarmy.org
2	aa.agkn.com	westernusa.salvationarmy.org
2	partners.tremorhub.com	westernusa.salvationarmy.org
2	x.dlx.addthis.com	westernusa.salvationarmy.org
2	bpi.rtactivate.com	westernusa.salvationarmy.org
2	contextual.media.net	westernusa.salvationarmy.org
2	ps.eyeota.net	westernusa.salvationarmy.org
2	secure-ds.serving-sys.com	bs.serving-sys.com
2	10359058.fls.doubleclick.net	1 redirects westernusa.salvationarmy.org
2	cms.quantserve.com	1 redirects westernusa.salvationarmy.org
2	thesalvationarmy.sc.omtrdc.net	westernusa.salvationarmy.org
2	adservice.google.com	8879652.fls.doubleclick.net 10359058.fls.doubleclick.net
2	8879652.fls.doubleclick.net	1 redirects westernusa.salvationarmy.org
2	code.jquery.com	westernusa.salvationarmy.org cdn.transcend.io
2	cdn.rawgit.com	2 redirects
2	usw.salvationarmy.org	2 redirects
1	merchant-ui-api.stripe.com	js.stripe.com
1	hn.inspectlet.com	westernusa.salvationarmy.org
1	api-iam.intercom.io	js.intercomcdn.com
1	fonts.googleapis.com	cdn.transcend.io
1	pay.classy.org	cdn.transcend.io
1	bam-cell.nr-data.net	westernusa.salvationarmy.org
1	js-agent.newrelic.com	westernusa.salvationarmy.org
1	widget.intercom.io	westernusa.salvationarmy.org
1	cdn.inspectlet.com	westernusa.salvationarmy.org
1	cdn.plaid.com	cdn.transcend.io
1	unpkg.com	cdn.transcend.io
1	htp.tokenex.com	cdn.transcend.io
1	static.cloudflareinsights.com	give-usw.salvationarmy.org
1	pixel.rubiconproject.com	westernusa.salvationarmy.org
1	secure.adnxs.com	westernusa.salvationarmy.org
1	bttrack.com	westernusa.salvationarmy.org
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	20682259p.rfihub.com	westernusa.salvationarmy.org
1	20682257p.rfihub.com	westernusa.salvationarmy.org
1	visitor-service-eu-central-1.tealiumiq.com	westernusa.salvationarmy.org
1	collect.tealiumiq.com	westernusa.salvationarmy.org
1	pt.ispot.tv	westernusa.salvationarmy.org
1	c1.rfihub.net	westernusa.salvationarmy.org
1	cache.vindicosuite.com	westernusa.salvationarmy.org
1	mpp.vindicosuite.com	1 redirects
1	d.turn.com	1 redirects
1	sc-static.net	westernusa.salvationarmy.org
1	thesalvationarmy.tt.omtrdc.net	westernusa.salvationarmy.org
1	alb.reddit.com	westernusa.salvationarmy.org
1	cm.everesttech.net	1 redirects
1	thesalvationarmy.demdex.net	westernusa.salvationarmy.org
1	www.redditstatic.com	westernusa.salvationarmy.org
1	www.everestjs.net	westernusa.salvationarmy.org
1	s.ytimg.com	westernusa.salvationarmy.org
1	www.classy.org	1 redirects
1	sdk.classy.org	westernusa.salvationarmy.org
1	adservice.google.de	adservice.google.com
1	p.typekit.net	use.typekit.net
1	s3.amazonaws.com	westernusa.salvationarmy.org
1	widgets.guidestar.org	westernusa.salvationarmy.org
0	sync.search.spotxchange.com Failed	westernusa.salvationarmy.org
412	111

This site contains links to these domains. Also see Links.

Domain
give.salvationarmyusa.org
volunteer.usawest.org
corporatepartners.salvationarmy.org
shopthesalvationarmy.com
give-usw.salvationarmy.org
caringmagazine.org
www.facebook.com
www.instagram.com
www.twitter.com
www.youtube.com
www.pinterest.com
www.vimeo.com
www.guidestar.org

Subject Issuer	Validity	Valid
salvationarmy.org Amazon RSA 2048 M01	`2023-08-21` - `2024-09-17`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.s3-us-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-01-21`	9 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-23` - `2024-06-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-17` - `2023-11-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
give-usw.salvationarmy.org Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
www.everestjs.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-25` - `2024-10-25`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
lightboxcdn.com Cloudflare Inc ECC CA-3	`2023-10-09` - `2024-10-08`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2023-10-31` - `2024-11-28`	a year	crt.sh
bs.serving-sys.com Amazon RSA 2048 M02	`2023-03-11` - `2024-04-08`	a year	crt.sh
*.ispot.tv R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
getrockerbox.com Cloudflare Inc ECC CA-3	`2023-01-18` - `2024-01-17`	a year	crt.sh
*.tealiumiq.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
secure-ds.serving-sys.com R3	`2023-09-19` - `2023-12-18`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-04` - `2024-04-21`	a year	crt.sh
api.lightboxcdn.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-07-24` - `2024-01-24`	6 months	crt.sh
snie5b5gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-05-17`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-01-12`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://westernusa.salvationarmy.org/
Frame ID: 2A59D980CA8697B6EBCC2FA9DA7152D2
Requests: 184 HTTP requests in this frame

Frame: https://8879652.fls.doubleclick.net/activityi;dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801
Frame ID: 1D08B96B1BE006D4A6D5C497A6032C8A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801;~oref=https://westernusa.salvationarmy.org/
Frame ID: 228990421BDC3FB99255EF19715FC0FD
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801;~oref=https://westernusa.salvationarmy.org/
Frame ID: 0D6BFA7510AE57E24F76B57683D09A8C
Requests: 1 HTTP requests in this frame

Frame: https://give-usw.salvationarmy.org/give/506522/
Frame ID: 25A74991491D04D6799BF780C0BABC12
Requests: 62 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: D1841B7BC850F37AD766DE5E32081B72
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 06CA323DEFE015EAFFC14BDBCA9B1C90
Requests: 1 HTTP requests in this frame

Frame: https://thesalvationarmy.demdex.net/dest5.html?d_nsid=0
Frame ID: 05F9FAF46D3FF1D156E077A6B1E66158
Requests: 14 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c866382f-56d6-4b6d-858d-c881ec296b0c&u_scsid=30797775-41ce-4a53-80d7-ca3434606a40&u_sclid=c8b5106c-4c30-484b-836a-fbc252545e88
Frame ID: 7151C75D621E0CB7EE538B355D32D3E7
Requests: 1 HTTP requests in this frame

Frame: https://10359058.fls.doubleclick.net/activityi;dc_pre=COTc4KXNs4IDFc7ROwIdpYcNtA;src=10359058;type=retar0;cat=sitew0;ord=9609463096988.713
Frame ID: 415E5354CBD0546471D3B1B879FA9555
Requests: 2 HTTP requests in this frame

Frame: https://bs.serving-sys.com/BurstingPipe/ActivityServer.bs?cn=as&ActivityID=550371&ifrm=1&rnd=792605
Frame ID: 23E94D745538EC79FE493D8C22368E24
Requests: 2 HTTP requests in this frame

Frame: https://bs.serving-sys.com/BurstingPipe/ActivityServer.bs?cn=as&ActivityID=485783&ifrm=1&rnd=561576
Frame ID: BFD21DDFC41B42F5C6147702125111A5
Requests: 2 HTTP requests in this frame

Frame: https://20682257p.rfihub.com/ca.html?ver=9&rb=5041&ca=20682257&t=home&pe=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&pf=&ra=6868560472708869
Frame ID: F5ED4F3E948B2F28D5FEFD8FF3DF7977
Requests: 18 HTTP requests in this frame

Frame: https://20682259p.rfihub.com/ca.html?ver=9&rb=5041&ca=20682259&t=home&pe=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&pf=&ra=23852847592169746
Frame ID: 2ECAC79D53BB3175F27585DB5C0C93E2
Requests: 18 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox.js?mb=1699419049096&lv=1
Frame ID: A8CF228C7F430463A1730DD8FAF07A26
Requests: 2 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=5041&ca=20682259&ri=bae591ee6b8c67baa322fd8dd4a55215&stats=%7B%2213488%22%3A%22588%2C2%22%2C%2217243%22%3A%2257%2C1%22%2C%2242261%22%3A%2245%2C1%22%2C%2250495%22%3A%22376%2C1%22%2C%2252220%22%3A%2295%2C1%22%2C%2253935%22%3A%2283%2C1%22%2C%2254497%22%3A%22105%2C1%22%2C%2254855%22%3A%2264%2C2%22%2C%2254863%22%3A%22360%2C1%22%2C%2255073%22%3A%2291%2C2%22%2C%2256659%22%3A%22111%2C1%22%2C%2256885%22%3A%2296%2C2%22%2C%2257347%22%3A%22159%2C2%22%2C%2257363%22%3A%2274%2C1%22%2C%2258143%22%3A%2252%2C1%22%2C%2258553%22%3A%22514%2C2%22%2C%2258561%22%3A%22327%2C1%22%7D&ra=2045677471119105
Frame ID: C81A42B21A4EC9A0D0C78E31C85C6DBA
Requests: 1 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=5041&ca=20682257&ri=02b19945882d5cb0932e76e7fdb2e08e&stats=%7B%2213488%22%3A%22600%2C2%22%2C%2217243%22%3A%2266%2C1%22%2C%2242261%22%3A%2254%2C1%22%2C%2250495%22%3A%22284%2C1%22%2C%2252220%22%3A%2296%2C1%22%2C%2253935%22%3A%2262%2C1%22%2C%2254497%22%3A%22115%2C1%22%2C%2254855%22%3A%2274%2C2%22%2C%2254863%22%3A%22371%2C1%22%2C%2255073%22%3A%22102%2C2%22%2C%2256659%22%3A%22122%2C1%22%2C%2256885%22%3A%22107%2C2%22%2C%2257347%22%3A%22169%2C2%22%2C%2257363%22%3A%22119%2C1%22%2C%2258143%22%3A%2268%2C1%22%2C%2258553%22%3A%22394%2C2%22%2C%2258561%22%3A%22478%2C1%22%7D&ra=6433880116226596
Frame ID: 782ABB9519A8255D784776386559C0E6
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox_builder.js?cb=638344662742248133
Frame ID: E124DB7DA4DBCC1E78011C93EE8CC2DD
Requests: 5 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox.js?mb=1699419050309&lv=1
Frame ID: DAF87343FEED07ADA1B0DCA5BABB0640
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: EEB96F4891B87C879F82235917EF05C5
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: F873325D540817E352D6D94CBD0896D4
Requests: 7 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.04b87629.js
Frame ID: F092E382F6CCB0BBDFF82B62F4F5CAD6
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
Frame ID: B150576E4A1B3625BDDD886D81A421B5
Requests: 35 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
Frame ID: 1C05AFDA71A612E58CFAF768CB40E658
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
Frame ID: DA4E4A7D755D1F57FBCA4E1A1177BEED
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
Frame ID: BF218B1C1D7751E4D07DAC0F53F09138
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
Frame ID: C16F895F043061520C8376DC9248D153
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 4ED1E498C1631848F20EC52908CCC7AB
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 64A8B16CD9FF48704CD6D9B2FD09909A
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Salvation Army Western Territory

Page URL History Show full URLs

http://usw.salvationarmy.org/ HTTP 302
https://usw.salvationarmy.org/ HTTP 302
https://westernusa.salvationarmy.org/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Inspectlet (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.inspectlet\.com

Lightbox (JavaScript Libraries) Expand

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

412
Requests

93 %
HTTPS

44 %
IPv6

73
Domains

111
Subdomains

89
IPs

5
Countries

9273 kB
Transfer

32505 kB
Size

90
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://give.salvationarmyusa.org/give/164006/#!/donation/checkout
Title: Donate

Search URL Search Domain Scan URL

URL: https://volunteer.usawest.org/
Title: Volunteer

Search URL Search Domain Scan URL

URL: https://corporatepartners.salvationarmy.org/
Title: Corporate Partners

Search URL Search Domain Scan URL

URL: https://shopthesalvationarmy.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://volunteer.usawest.org/?utm_source=web-hero&utm_medium=hero&utm_campaign=Bell+ringer+2
Title: Become a Bell Ringer

Search URL Search Domain Scan URL

URL: https://give-usw.salvationarmy.org/give/511126/?hero=true_thq#!/donation/checkout
Title: Donate Now

Search URL Search Domain Scan URL

URL: https://caringmagazine.org/street-level-meeting-need-on-the-street/
Title: STREET LEVEL

Search URL Search Domain Scan URL

URL: http://corporatepartners.salvationarmy.org/
Title: Partners

Search URL Search Domain Scan URL

URL: http://www.facebook.com/SalvationArmyUSA

Search URL Search Domain Scan URL

URL: http://www.instagram.com/salvationarmyus

Search URL Search Domain Scan URL

URL: http://www.twitter.com/SalvationArmyUS

Search URL Search Domain Scan URL

URL: http://www.youtube.com/SalvationArmyUSA

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/salvationarmyus

Search URL Search Domain Scan URL

URL: http://www.vimeo.com/salarmymedia

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/94-1156347

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://usw.salvationarmy.org/ HTTP 302
https://usw.salvationarmy.org/ HTTP 302
https://westernusa.salvationarmy.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://cdn.rawgit.com/noelboss/featherlight/1.7.12/release/featherlight.min.css HTTP 301
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.12/release/featherlight.min.css

Request Chain 17

https://cdn.rawgit.com/noelboss/featherlight/1.7.12/release/featherlight.min.js HTTP 301
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.12/release/featherlight.min.js

Request Chain 27

https://8879652.fls.doubleclick.net/activityi;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801 HTTP 302
https://8879652.fls.doubleclick.net/activityi;dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801

Request Chain 86

https://www.classy.org/give/506522/ HTTP 302
https://give-usw.salvationarmy.org/give/506522/

Request Chain 123

https://cm.everesttech.net/cm/dd?d_uuid=65467669184316211842981170000779011768 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUsTqAAAAKvqzwN6

Request Chain 140

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8160306291098026259

Request Chain 144

https://10359058.fls.doubleclick.net/activityi;src=10359058;type=retar0;cat=sitew0;ord=9609463096988.713 HTTP 302
https://10359058.fls.doubleclick.net/activityi;dc_pre=COTc4KXNs4IDFc7ROwIdpYcNtA;src=10359058;type=retar0;cat=sitew0;ord=9609463096988.713

Request Chain 145

https://mpp.vindicosuite.com/mpp/?y=2&t=i&tp=1&clid=250&pixid=99102584&rnd=0.4432202982803186 HTTP 302
https://cache.vindicosuite.com/creative/blank.gif

Request Chain 156

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=Rux-UkHqKwhd7ngBSO9nUhPgeQZd6X4FEegPvqOE

Request Chain 176

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=65467669184316211842981170000779011768&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=65467669184316211842981170000779011768&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-tU5flt5E2pE8WeX9qI3clAFz06yZL9kV0Y8-~A

Request Chain 183

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210828001828802&referrer=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=7e693bfe-001d-445d-a2b3-ba3a799fcabc%3A1699419048.9338665&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D7e693bfe-001d-445d-a2b3-ba3a799fcabc%253A1699419048.9338665%26_%3D1699419048.9367824&cb=1699419048.9368076 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7e693bfe-001d-445d-a2b3-ba3a799fcabc%253A1699419048.9338665%26_%3D1699419048.9367824 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=7e693bfe-001d-445d-a2b3-ba3a799fcabc%3A1699419048.9338665&_=1699419048.9367824

Request Chain 184

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyODAwMTgyODgwMg==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEN1s0fTwyDN1oO9thRGWtps&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=4c975efd-d604-40a2-b881-9745ac604974%3A1699419049.1425295&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4c975efd-d604-40a2-b881-9745ac604974%253A1699419049.1425295%26_%3D1699419049.1462352&cb=1699419049.146265 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D4c975efd-d604-40a2-b881-9745ac604974%253A1699419049.1425295%26_%3D1699419049.1462352 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=4c975efd-d604-40a2-b881-9745ac604974%3A1699419049.1425295&_=1699419049.1462352

Request Chain 185

https://ib.adnxs.com/setuid?entity=18&code=5141210828001828802 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210828001828802

Request Chain 189

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5108559730735211994&bid=omt9pi0

Request Chain 192

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210828001828802&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210828001828802&forward=&C=1

Request Chain 199

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZUsTqAAAAKvqzwN6

Request Chain 200

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5108559730735211994&bid=omt9pi0

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZUsTqAAAAKvqzwN6

Request Chain 202

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=4f874ded-8ca1-4ba8-b28c-8340d83c9a29%3A1699419049.0743155&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4f874ded-8ca1-4ba8-b28c-8340d83c9a29%253A1699419049.0743155%26_%3D1699419049.0769165&cb=1699419049.0769637 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D4f874ded-8ca1-4ba8-b28c-8340d83c9a29%253A1699419049.0743155%26_%3D1699419049.0769165 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=4f874ded-8ca1-4ba8-b28c-8340d83c9a29%3A1699419049.0743155&_=1699419049.0769165

Request Chain 203

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMDczNTIxMTk5NA==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEN1s0fTwyDN1oO9thRGWtps&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=ab658341-b82f-42e3-83ba-99c3bb79d0f8%3A1699419049.1415327&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab658341-b82f-42e3-83ba-99c3bb79d0f8%253A1699419049.1415327%26_%3D1699419049.1444614&cb=1699419049.1444864 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dab658341-b82f-42e3-83ba-99c3bb79d0f8%253A1699419049.1415327%26_%3D1699419049.1444614 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=ab658341-b82f-42e3-83ba-99c3bb79d0f8%3A1699419049.1415327&_=1699419049.1444614

Request Chain 204

https://ib.adnxs.com/setuid?entity=18&code=5108559730735211994 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559730735211994

Request Chain 210

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559730735211994&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559730735211994&forward=&C=1

Request Chain 218

https://getrockerbox.com/rb?url=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&action=view&source=salvation_army&rb_source=salvation_army&script_version=xyz.js&sessionId=16d91ad0-0fd7-4df9-b3a8-8aec645118d4&an_seg=9705236&type=imp&uid=rbos-ad0218ef-e588-490a-a630-2c65142b6db2 HTTP 302
https://secure.adnxs.com/seg?add=9705236

Request Chain 219

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlVzVHFBQUFBS3ZxendONg==

Request Chain 221

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZUsTqAAAAKvqzwN6&expires=90

Request Chain 223

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZUsTqAAAAKvqzwN6

Request Chain 224

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=ZUsTqAAAAKvqzwN6

Request Chain 229

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUsTqAAAAKvqzwN6

Request Chain 232

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZUsTqAAAAKvqzwN6

Request Chain 236

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZUsTqAAAAKvqzwN6&img=1

Request Chain 240

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZUsTqAAAAKvqzwN6&t=2592000&o=0

Request Chain 308

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788785286/?random=719930136&cv=9&fst=1699419051099&num=1&value=0&label=wZwFCJ_w_4gBEIbRj_gC&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fgive-usw.salvationarmy.org%2Fgive%2F506522%2F&ref=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&tiba=Donate%20to%20The%20Salvation%20Army-Website&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&ocp_id=qxNLZbPmBtXG7_UPn6OcsAI&sscte=1&crd=&pscrd=IhMI8-f2ps2zggMVVeO7CB2fEQcm HTTP 302
https://www.google.com/pagead/1p-conversion/788785286/?random=719930136&cv=9&fst=1699419051099&num=1&value=0&label=wZwFCJ_w_4gBEIbRj_gC&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fgive-usw.salvationarmy.org%2Fgive%2F506522%2F&ref=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&tiba=Donate%20to%20The%20Salvation%20Army-Website&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI8-f2ps2zggMVVeO7CB2fEQcm&is_vtc=1&ocp_id=qxNLZbPmBtXG7_UPn6OcsAI&cid=CAQSKQDICaaNEFdT7-F2GeoweMnVMgQh0l8hqwNfHyzI0ZYY3-X9qcEXp3PE&random=569125539&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/788785286/?random=719930136&cv=9&fst=1699419051099&num=1&value=0&label=wZwFCJ_w_4gBEIbRj_gC&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fgive-usw.salvationarmy.org%2Fgive%2F506522%2F&ref=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&tiba=Donate%20to%20The%20Salvation%20Army-Website&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI8-f2ps2zggMVVeO7CB2fEQcm&is_vtc=1&ocp_id=qxNLZbPmBtXG7_UPn6OcsAI&cid=CAQSKQDICaaNEFdT7-F2GeoweMnVMgQh0l8hqwNfHyzI0ZYY3-X9qcEXp3PE&random=569125539&resp=GooglemKTybQhCsO&ipr=y

412 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
westernusa.salvationarmy.org/
Redirect Chain

http://usw.salvationarmy.org/
https://usw.salvationarmy.org/
https://westernusa.salvationarmy.org/

100 KB
29 KB

361ms
103ms

Document
text/html

3.234.103.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.103.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-103-103.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

1b23692ff9286f5f4a12214c2402dec9f9434f29de1d021dc4b249090679e014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 29142
content-type: text/html;charset=UTF-8
date: Wed, 08 Nov 2023 04:50:46 GMT
expires: 0
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-cache
Connection: close
Location: https://westernusa.salvationarmy.org
Pragma: no-cache

GET
H2 200 main.css
static.salvationarmy.org/us-east-1/templates/symphony/static_resources/styles/ 789 KB
123 KB 77ms
7ms Stylesheet
text/css 2600:9000:2646:3c00:11:c186:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/styles/main.css?v=1,699,418,822.797
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3c00:11:c186:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc0ac0c30de99242bf9dfda2fce7f397c0f25a509745b24b4543104193b492df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: DYmk9Qa7szKP2JscwAou8TG6UUHhXrjx
content-encoding: gzip
via: 1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 03:49:05 GMT
last-modified: Wed, 01 Nov 2023 10:29:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 12907
x-amz-server-side-encryption: AES256
etag: W/"ae4574765178fd379564e1feecc7cce3"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: O_EnTf4WdHwTzPmD0GH2l5LfGkAEPwtTqOjtsMfwJ2iM9s_vT_LDEw==

GET
H2 200 nky6uwx.css
use.typekit.net/ 10 KB
1 KB 69ms
19ms Stylesheet
text/css 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/nky6uwx.css

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

402740c5977179721a0bf80ccfcd95a3def72f6fb8300803ced180d882eccf6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 08 Nov 2023 04:50:46 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1201

GET
H2 200 all.min.css
static.salvationarmy.org/us-east-1/templates/symphony/static_resources/vendors/font-awesome/css/ 170 KB
33 KB 89ms
19ms Stylesheet
text/css 2600:9000:2646:3c00:11:c186:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/vendors/font-awesome/css/all.min.css
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3c00:11:c186:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89b2462070a1a639c693794bc1d8d9131e6eb9274fc7fb0fb854943e58940a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: upBt69R74eZJBsD0iodvm29J8ZG_62.m
content-encoding: gzip
via: 1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 03:49:05 GMT
last-modified: Wed, 01 Nov 2023 10:29:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 6908
x-amz-server-side-encryption: AES256
etag: W/"21f9f9f41222c9f2acec907529ea35a1"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: Hspn7d7Jcnifuzno1cu90itmkmQELKCW9aj2Z1kBufP1DgwxSgfQCw==

GET
H2

200

featherlight.min.css
cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.12/release/
Redirect Chain

https://cdn.rawgit.com/noelboss/featherlight/1.7.12/release/featherlight.min.css
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.12/release/featherlight.min.css

2 KB
1 KB

30ms
14ms

Stylesheet
text/css

2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.12/release/featherlight.min.css

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

478d1c430fa13d83b8c0e185a858fa1bbc1e6d0d6f1fbca630e6ba5ca644980f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3309
x-jsd-version: 1.7.12
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230102-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"76a-Z92gS05REqEhyrAudzmNFKYkeSg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fZRWZa3fTWPicKHPL1cITatuDjMTdWXUkmrAsCsZncuqmib8b8F748%2BCv8CH8FC2IFZbK8%2B%2F%2B6%2Br0T%2FaxmPqmsw%2FKD89hCgDGr34xOWdlE6OSa0LRTMPcg%2FTOtToKCGpUGKnsO95NYDB4cyW1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 822b3273b9c437ce-FRA

Redirect headers

date: Wed, 08 Nov 2023 04:50:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 1081
age: 78901
x-cache: MISS, HIT
cdn-cachedat: 11/08/2023 04:50:46
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 119
x-served-by: cache-fra-etou8220053-FRA, cache-chi-kigq8000061-CHI
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.12/release/featherlight.min.css
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: d3ad3ec1ea6f6116fa725b9d42655696
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 jquery-1.11.3.min.js Show response
code.jquery.com/ 94 KB
94 KB 32ms
6ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.3.min.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer: https://westernusa.salvationarmy.org/
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 4616848
x-cache: HIT, HIT
content-length: 95957
x-served-by: cache-lga21975-LGA, cache-fra-eddf8230120-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699419047.842705,VS0,VE0
etag: "28feccc0-176d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 8, 154393

GET
H/1.1 200
OK 7df5411f-febd-4b61-a9fc-284e12031d2c_table-styles.css
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 6 KB
6 KB 507ms
179ms Stylesheet
text/css 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/7df5411f-febd-4b61-a9fc-284e12031d2c_table-styles.css
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 508711b5c60e214eb735c2edb80c947b9818109388c4e987ebe4f39048c50b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:48 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Sat, 14 May 2022 03:50:09 GMT
Server: AmazonS3
x-amz-request-id: CCR4V7WK01HM6YWG
ETag: "0f2fa0eadf789a765f3e32fb44a36187"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 5913
x-amz-id-2: 6JfQRPAJhfpeCtZBOpJgLkJA2u5Bw/WUMqBqVX3z75jUb/PundMjW1/sX4QPi/pLOTyAgJ5ghv4=
Expires: Sat, 14 May 2022 03:50:11 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 742 B
1 KB 446ms
418ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.sync.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62c0b464ebdeb53edb3532fcc46463a15f813a8b0f90291674d06aa3974d3433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 7x7oyHjDH2HK2qDGvhtaJMyWZFoNB3Li
date: Wed, 08 Nov 2023 04:50:48 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 17:39:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: "e49c2e9ac255c6f06553f3d289ad9e07"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 742
x-amz-cf-id: L9nc-LE2h6HxLhsUA0sz6OxGn7v75x2UHHL3cpo42QmhAwZwVvEG3A==

GET
H2 200 amazingcarousel.js Show response
static.salvationarmy.org/us-east-1/templates/symphony/static_resources/vendors/amazing-carousel/ 156 KB
33 KB 88ms
21ms Script
application/x-javascript 2600:9000:2646:3c00:11:c186:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/vendors/amazing-carousel/amazingcarousel.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3c00:11:c186:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f2986c6fe2bc819d950e5f2533348501627f1b582b87fd03103c54660710abd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: lQfZdc.wAf4Calhwt7O56UjvHTBIfPBY
content-encoding: gzip
via: 1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
date: Tue, 07 Nov 2023 09:17:45 GMT
last-modified: Wed, 01 Nov 2023 10:29:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 70382
x-amz-server-side-encryption: AES256
etag: W/"bb665ad96c90d99246c49aee5ea63c42"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-cf-id: bF-GtvQV9556XmYqCpjfDpTr5xc7b6FyQc3c5Sppjde-BCwWa4bTLw==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 77ms
54ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

43f5092a8a186c1c7ef5e43b54eb247eab4ce9e036ffcc52cc29f7de5aee0fd9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 08 Nov 2023 04:50:47 GMT

GET
H2 200 shield-en.svg
static.salvationarmy.org/us-east-1/templates/symphony/static_resources/images/global/ 7 KB
3 KB 7ms
7ms Image
image/svg+xml 2600:9000:2646:3c00:11:c186:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/images/global/shield-en.svg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3c00:11:c186:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d7dbdae54dc88eedae69f8f764477fc280b5acb374428305d0d7616169a5518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: lrgjgallHLMfrJrminWaK756CFY3XbfC
content-encoding: gzip
via: 1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
date: Tue, 07 Nov 2023 11:38:58 GMT
last-modified: Wed, 01 Nov 2023 10:28:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 61909
x-amz-server-side-encryption: AES256
etag: W/"a7c647a6fe1712f289b8b438919a52ff"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: oLjQecOkGchvPhKkkR41Mc6z_riZgwS0pz308lIS4hPErf0V9LiyZQ==

GET
H/1.1 200
OK 7c0f08a5-699e-416e-a4c6-1a159d72be52_11-8-Bell-Ringer-Volunteer-2.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 169 KB
169 KB 491ms
178ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/7c0f08a5-699e-416e-a4c6-1a159d72be52_11-8-Bell-Ringer-Volunteer-2.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4b9766155e2c0481e769a4befe3ad2e744d746e428d3f26833d2afa0a8c76c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:48 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Wed, 08 Nov 2023 04:43:41 GMT
Server: AmazonS3
x-amz-request-id: CCRBBYTWDM1D0YGE
ETag: "27945acf7ad41e178d2d5b8477abac93"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 172610
x-amz-id-2: kkviJREZq3ii0tk4PEN0EjPUK9nBpDAx3jlhsKVF0FWCQGDq933WJ1N3/kvD9QiOpIGDJfpkglc=
Expires: Wed, 08 Nov 2023 04:43:43 GMT

GET
H/1.1 200
OK ee490239-078f-4772-aeb4-26896233d109_homeless-thq.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 148 KB
149 KB 484ms
178ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ee490239-078f-4772-aeb4-26896233d109_homeless-thq.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 82879e61c44184d28de17b6e3b0fe128cac726acda877c0e50010f9941a73549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:48 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Sat, 23 Sep 2023 16:46:53 GMT
Server: AmazonS3
x-amz-request-id: CCRBWJM6DT445J9J
ETag: "14599e219c941f0592bd5b2d87793ec5"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 151868
x-amz-id-2: R8uu1F2IIQAnYAQPWosG3v7WUFlw/1yHVvBSgG+Y286JcRe8jjEM8TwEE+BgmxzIVOD2eIgmEz8=
Expires: Sat, 23 Sep 2023 16:46:55 GMT

GET
H/1.1 200
OK b49181fb-987e-4f93-870a-3a7a1044bbe9_home_26.gif
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 807 B
1 KB 484ms
179ms Image
image/gif 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/b49181fb-987e-4f93-870a-3a7a1044bbe9_home_26.gif
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6d1e5637fff40ffd5944949829c765669ef9f8548b9a71e7b3836bc14a24dc19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:48 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 Jul 2018 12:41:30 GMT
Server: AmazonS3
x-amz-request-id: CCR8Z2CGPKS6XEFW
ETag: "a8051606900997b830a4a0cb6b72d72e"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 807
x-amz-id-2: WGW/svC2N2Ze0YIpTz+R34AOnfp4nWZqsA/fepJrNRghxJ0bWjLZwdilBvhx8LAW3Jf84FNpURo=
Expires: Tue, 10 Jul 2018 12:41:31 GMT

GET
H/1.1 200
OK 226fa518-a939-41ae-8201-fd576f9b8364_dryBones220.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 10 KB
11 KB 478ms
174ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/226fa518-a939-41ae-8201-fd576f9b8364_dryBones220.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9584770b33b47a91a4a253da4943e50287f6ab1bcd3e78c6d21d4dd42a1b898f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:48 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Wed, 06 Jun 2018 20:52:37 GMT
Server: AmazonS3
x-amz-request-id: CCR6FJ25BJDF4PNS
ETag: "371c6faaaaf564d7c2e17d78465dc823"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 10504
x-amz-id-2: yBO2JfgAnLgzRTGVQ/gaHlSQdOGIQOOX8QOZHIYBjnxT2Uwep2s5ndlxblhMNix+JkWCvTakXZY=
Expires: Wed, 06 Jun 2018 20:52:00 GMT

GET
H2 200 gximage2
widgets.guidestar.org/ 13 KB
4 KB 447ms
402ms Image
image/svg+xml 172.67.23.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.guidestar.org/gximage2?o=8390657&l=v4
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 822b32746df7190d-FRA
expires: -1

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 175 KB
60 KB 65ms
31ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyArW-Hb8ptcJvumHPizDCtdkn2a1oM-WnI

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

07e33be4b2ec422e4cf8ca2b6ace4bac90628502b63b34b5e2dca818474b0134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61207
x-xss-protection: 0

GET
H2 200 gmaps.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gmaps.js/0.4.24/ 31 KB
8 KB 46ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gmaps.js/0.4.24/gmaps.min.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b7bcf91c1c993db793e2e82f8d73e7daaaffc4659a8d067c680df4d7128ad09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3641846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8189
last-modified: Mon, 04 May 2020 16:10:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e6d-7c32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJ0tKbtNeGGbqKQnGqcx9doGwHLBv2yk6lrSo4YpvPy30rPS61ZkNAK6riKu3v%2BWEAuf%2BD4U4rfP8qQwU0QMjglj%2BaE9%2F%2BDUhdYfjr7gae7lqitgjnUAbskdIIwYBbndAqsD%2BY7lcjppRkfhWtIv1sk7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 822b32740de25d70-FRA
expires: Mon, 28 Oct 2024 04:50:47 GMT

GET
H2

200

featherlight.min.js Show response
cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.12/release/
Redirect Chain

https://cdn.rawgit.com/noelboss/featherlight/1.7.12/release/featherlight.min.js
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.12/release/featherlight.min.js

9 KB
4 KB

16ms
15ms

Script
application/javascript

2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.12/release/featherlight.min.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5a63c34b3496224224edf1543d72f4534b4608cf5ede6dd545608fb3fdef040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16815604
x-jsd-version: 1.7.12
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230074-FRA, cache-yyz4574-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"232f-K6+bW0woP6DAoNd19kzCIYKhlAM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63qV9fxfhoAllBrjid4tcgiqp4Rpgj%2BfNLfcArQF3asoj8ex%2Bbdp3vZsBd4HqJEMtjDclUQTXNFyn%2FTBZQQCGh59kStwXr28T5V3glA3sgGEc9z%2FWYAZqQ0oUW34ac9uleqH4PaqvgDjSyUNa1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 822b3274aa8037ce-FRA

Redirect headers

date: Wed, 08 Nov 2023 04:50:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 1081
age: 75539
x-cache: HIT, HIT
cdn-cachedat: 11/08/2023 04:50:47
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 118
x-served-by: cache-fra-eddf8230136-FRA, cache-chi-kigq8000118-CHI
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.12/release/featherlight.min.js
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: 1d2fe8731e3056d9f4b6aa9ce8da1f1b
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 main.js Show response
static.salvationarmy.org/us-east-1/templates/symphony/static_resources/scripts/ 381 KB
112 KB 9ms
7ms Script
application/x-javascript 2600:9000:2646:3c00:11:c186:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/scripts/main.js?v=3
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3c00:11:c186:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84d7091a5c0a3c8ac268a247139fa6069c8d50787e68533d780b6694034a33dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: T9jjs29drfTDzXp904.8rVW1XnUQLWLD
content-encoding: gzip
via: 1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
date: Tue, 07 Nov 2023 09:06:10 GMT
last-modified: Wed, 01 Nov 2023 10:29:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 80276
x-amz-server-side-encryption: AES256
etag: W/"1875235e5cb10ab626bcbc7918d514c4"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-cf-id: e670e6D54waAOBMRBhldRIzTqkaB4QHSpE8sbCGHslAjDf89RuIEFw==

GET
H2 200 symphony-strings Show response
westernusa.salvationarmy.org/usw_thq/ 70 KB
19 KB 425ms
423ms Script
application/javascript 3.234.103.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westernusa.salvationarmy.org/usw_thq/symphony-strings

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.103.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-103-103.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

82e032cbff4961d20c35a7f66c37ab4f4f10ace2cdc628ef9cdee30e912c634a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
server: nginx/1.18.0 (Ubuntu)
x-frame-options: DENY
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 19094
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 moment-with-locales.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.11.1/ 187 KB
41 KB 38ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.11.1/moment-with-locales.min.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb1ef55a922d4cd853dfb2b81ff2baef7e9b87e9def3fff6c35b7938df04659b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3676429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 42027
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-2eb29"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5HDtbcHPm12KXEqdAT%2FKY%2BEgWOemkRl3nu5Air6U9kQEn5X3%2BN%2FjQGovoK2Vtq3%2BvIAoqJd9ghkvgpN9WVX2WFv2Yudh7RDOZHyvhxhnPjJA94h00Tx7wX7elvsU5CcE5Kth%2FTXQr8gego9yzDxHWZj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 822b32740ddf5d70-FRA
expires: Mon, 28 Oct 2024 04:50:47 GMT

GET
H2 200 moment-recur.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment-recur/1.0.7/ 8 KB
3 KB 36ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment-recur/1.0.7/moment-recur.min.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3bbdca61b2501b9d7dfc6561dd56322e84ca70ad40182287ea594ff0bffd4d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2733244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2302
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-1e67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZ2Gea7%2FzTl8%2BwkHtGVPSIMEVLeo5zjVj18Wb3k8u8N4zPqU4nGNaRU%2B6T9WvvLcacHPmOrNVrDShwH4LIjx4cpGFmbIE08SDNDye4t6%2FzI1V3KsqdXL%2BJ%2BUBCCTtwHFldVlBGXd1Afm4h3ZO0fabQOg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 822b32740de15d70-FRA
expires: Mon, 28 Oct 2024 04:50:47 GMT

GET
H2 200 templates.js Show response
static.salvationarmy.org/us-east-1/templates/symphony/static_resources/handlebars/ 1 MB
148 KB 11ms
9ms Script
application/x-javascript 2600:9000:2646:3c00:11:c186:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/handlebars/templates.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3c00:11:c186:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3b766a1b07d858d6d436cbbf83e23ba2579a0d7ffd24b9d4870ea58537243b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 79rzty1.Ir2EbG09SV4ySl7JiFqrphg4
content-encoding: gzip
via: 1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
date: Tue, 07 Nov 2023 05:33:10 GMT
last-modified: Wed, 01 Nov 2023 10:28:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 83876
x-amz-server-side-encryption: AES256
etag: W/"8706de1e8dbb96dab2c0334663ad4940"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-cf-id: Zaue4CQcNv0pcA9YvPTCu3fizzDbI-u8d2UAs_kcevZ-6GS9HFw02g==

GET
H2 200 partials.js Show response
static.salvationarmy.org/us-east-1/templates/symphony/static_resources/handlebars/ 1 MB
148 KB 15ms
13ms Script
application/x-javascript 2600:9000:2646:3c00:11:c186:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/handlebars/partials.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3c00:11:c186:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cafeb3e6ca5b4634f622c46814d61bfa184f467eae0ddd542d9608c9c822a0aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: _QlfIuWFBM.MZ4fHaO6VtBvtfOyebvYo
content-encoding: gzip
via: 1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
date: Tue, 07 Nov 2023 09:17:49 GMT
last-modified: Wed, 01 Nov 2023 10:28:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 70379
x-amz-server-side-encryption: AES256
etag: W/"5e4e13f2f71b1081cd882cfe24ce217c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-cf-id: BFSoCtdzdIRvRdOEthvXsOhKUPKYoUcQWqLYYNCIftj2ARYOw4Rh0A==

GET
H/1.1 200
OK fa9f2215-1499-4204-b2a8-75179c9d941b_USW_EG_V2.js Show response
s3.amazonaws.com/usn-cache.salvationarmy.org/ 13 KB
13 KB 328ms
121ms Script
application/x-javascript 52.217.200.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/usn-cache.salvationarmy.org/fa9f2215-1499-4204-b2a8-75179c9d941b_USW_EG_V2.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.200.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6fd2bbbe703a720831da7aad3a4d8ec8b931bcc7ed8517f62d5a72e7b02e68c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:48 GMT
x-amz-meta-owningsiteid: 8a9d8d083f3929fe013f61d8826d0786
Last-Modified: Fri, 25 Aug 2023 13:52:55 GMT
Server: AmazonS3
x-amz-request-id: CCR4SN3EKQSCC5CY
ETag: "b21a5401d6d095c01fa4b861bca86508"
x-amz-server-side-encryption: AES256
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 13263
x-amz-id-2: Tur4hmGaFDbmAR8RPT0/8zwsedpveaQctJql6TMwWbi4FmpJuDy+LSANsgS1HtN9UsZ8gbOAzYw=
Expires: Fri, 25 Aug 2023 13:52:57 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 69ms
13ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=nky6uwx&ht=tk&f=139.140.171.173.174.175.176.5474.2028.2029.2036.2037.15665.15666&a=781408&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nky6uwx.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 194 KB
70 KB 49ms
28ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMW2G9V

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

faa0247cf1e425da639cc74a10afe6ee0527d633c93c9ebb4404c83f8a381ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71263
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 04:50:47 GMT

GET
H2

200

activityi;dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801 Show response
8879652.fls.doubleclick.net/ Frame 1D08
Redirect Chain

https://8879652.fls.doubleclick.net/activityi;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801?
https://8879652.fls.doubleclick.net/activityi;dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801?

512 B
445 B

46ms
45ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8879652.fls.doubleclick.net/activityi;dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801?

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

fe9e08d0ed30ae4d5b847f0c2ee5748717a7f6c3e8a33047e17045433bcfc319

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://westernusa.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 269
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 04:50:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 04:50:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8879652.fls.doubleclick.net/activityi;dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 30ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Nov 2023 04:50:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: K3k3pmpVBWTt7er1gXOkQStdXmWPiSxFEfHbMMGppZuD8DvToLUm1e4vCg99wQ3RedmK0y0VCSJTFZlVznaY/Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 262329117951370 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 98ms
96ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/262329117951370?v=2.9.138&r=stable&domain=westernusa.salvationarmy.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3cde94c39c00b10dfbda6a4cbc82c287bbf11659736598613d4632cfd12d48f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Nov 2023 04:50:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: bUwfEwTwidHC35lT90qyHFfNwj0/CgTAccXMaI+zUoV2VhMiRcVE8Cuqg0P8BwrbsIkPe8dbriYDgCIDkujGug==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VQBV3M3REJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMW2G9V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e0c68360d5ab8d107772cb7325915a43aae6eef2b35eb6edc7a1bac92f2ca24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85810
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B3CZW0LNLQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMW2G9V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ef2f1fbe14d3a5cec04c65a77ff4d80d7395ef6b8515a55d50c02f3add79a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMW2G9V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 03:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3555
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 08 Nov 2023 05:51:32 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801;~oref=https:... Frame 2289 511 B
646 B 67ms
44ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801;~oref=https://westernusa.salvationarmy.org/

Requested by

Host: 8879652.fls.doubleclick.net
URL: https://8879652.fls.doubleclick.net/activityi;dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9260e54a8df9cf0e00e7745b58563943666b2a5e00a4cbba224728490668017d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8879652.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 272
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 04:50:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
217 B 20ms
19ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=672763463&t=pageview&_s=1&dl=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&ul=en-us&de=UTF-8&dt=The%20Salvation%20Army%20Western%20Territory&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=481535453&gjid=1581892821&cid=1502720560.1699419047&tid=UA-3145115-10&_gid=1381699707.1699419047&_r=1&_slc=1&gtm=45He3b60n81PMW2G9Vv77434957&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1625525892

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://westernusa.salvationarmy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 17ms
16ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=672763463&t=pageview&_s=1&dl=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&ul=en-us&de=UTF-8&dt=The%20Salvation%20Army%20Western%20Territory&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAAI~&jid=711106933&gjid=1601606731&cid=1502720560.1699419047&tid=UA-3145115-1&_gid=1381699707.1699419047&_r=1&_slc=1&gtm=45He3b60n81PMW2G9Vv77434957&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=2104750091

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://westernusa.salvationarmy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
263 B 35ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VQBV3M3REJ&gtm=45je3b60v894101021z877434957&_p=1699419047017&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1502720560.1699419047&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1699419047&sct=1&seg=0&dl=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&dt=The%20Salvation%20Army%20Western%20Territory&en=page_view&_fv=1&_ss=1&tfd=1889
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VQBV3M3REJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 24ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B3CZW0LNLQ&gtm=45je3b60v894101633z877434957&_p=1699419047017&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1502720560.1699419047&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699419047&sct=1&seg=0&dl=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&dt=The%20Salvation%20Army%20Western%20Territory&en=page_view&_fv=1&_ss=1&tfd=1901
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B3CZW0LNLQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
355 B 65ms
21ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3145115-1&cid=1502720560.1699419047&jid=711106933&gjid=1601606731&_gid=1381699707.1699419047&_u=YGDACEABBAAAACAAI~&z=909278086

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://westernusa.salvationarmy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Nov 2023 04:50:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801;~oref=https:/... Frame 0D6B 194 B
515 B 67ms
44ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801;~oref=https://westernusa.salvationarmy.org/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKWcgaXNs4IDFefMOwIdFJYD-g;src=8879652;type=pagehit;cat=sasc-0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6817287048148.801;~oref=https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 04:50:47 GMT
expires: Wed, 08 Nov 2023 04:50:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=262329117951370&ev=PageView&dl=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&rl=&if=false&ts=1699419047309&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699419047308.1795707189&ler=empty&it=1699419047132&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 08 Nov 2023 04:50:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=672763463&t=pageview&_s=1&dl=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&ul=en-us&de=UTF-8&dt=The%20Salvation%20Army%20Western%20Territory&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAACAAI~&jid=1803095137&gjid=60339208&cid=1502720560.1699419047&tid=UA-3145115-11&_gid=1381699707.1699419047&_r=1&_slc=1&z=1972328926

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

28a46f75b9684b301f06d10582ad244fe336bc586286724241dac283074fe690

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://westernusa.salvationarmy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 icons.svg.css
static.salvationarmy.org/us-east-1/templates/symphony/static_resources/styles/icons/ 285 KB
58 KB 7ms
7ms Stylesheet
text/css 2600:9000:2646:3c00:11:c186:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/styles/icons/icons.svg.css
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3c00:11:c186:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd1ee2d1e823a880ea9028dbba05f7b54501d59121684be0fa5f982459a098b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 81Gt80sVR.4cmbqiP0jijukrDgI2EUn2
content-encoding: gzip
via: 1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 03:49:15 GMT
last-modified: Wed, 01 Nov 2023 10:29:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 6463
x-amz-server-side-encryption: AES256
etag: W/"e00048b8f9aad1da0ff6fc64faa07b28"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: BopU40sq8lbNmIGugbWbr6WYp-AHrIGQFAkfTCmyiEgzbIM8F_lZkw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ 470 KB
189 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__de.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57a9f18c1cd1427deb1df65b1b059636ddb7b36aa32fe394f094203feb1f99e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://westernusa.salvationarmy.org/
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 21:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192400
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 21:45:37 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef9533ded6c72ec6881bcf997bb8c469310bbb1b9b68696501a2132fc118d7af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:47 GMT
content-md5: iCzVtvrD7j4djFB9jf5ybg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: yaVHRq+5BdxopkR2HYDRNheO70zW9CpurPT1Ne4QBoEwQBqylxKcCL/8xIms3CO7MpEc0e84EOVt5DxPnpgWVA==
x-fb-content-md5: 7267881cd214c5fa7932809b8cf6778d
cross-origin-opener-policy: same-origin-allow-popups
etag: "c415a93ecc46df9857e9c251abb08156"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Nov 2023 05:04:40 GMT

GET
H/1.1 200
OK b49181fb-987e-4f93-870a-3a7a1044bbe9_home_26.gif
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 807 B
1 KB 182ms
182ms Image
image/gif 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/b49181fb-987e-4f93-870a-3a7a1044bbe9_home_26.gif
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6d1e5637fff40ffd5944949829c765669ef9f8548b9a71e7b3836bc14a24dc19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:48 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 Jul 2018 12:41:30 GMT
Server: AmazonS3
x-amz-request-id: CCRFCG0AR986J4Y2
ETag: "a8051606900997b830a4a0cb6b72d72e"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 807
x-amz-id-2: sGlIKsGjKHLvbfkLew2ue61s37SvZL5Yt3d/Uznt1vug1lpPwrnlyJYMP8+DCGqxO/ILyQaD8Zs=
Expires: Tue, 10 Jul 2018 12:41:31 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 28ms
14ms XHR
application/json 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://westernusa.salvationarmy.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 22ms
21ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3145115-11&cid=1502720560.1699419047&jid=1803095137&gjid=60339208&_gid=1381699707.1699419047&_u=aGDACEABBAAAACAAI~&z=1670142486

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://westernusa.salvationarmy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Nov 2023 04:50:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
93 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DR4WC585XQ&cx=c&_slc=1

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6db089859b0c675ed35c58939a2eafcb2084c50f9663d6ae02d4dffa36e3dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:47 GMT

GET
H2 200 l
use.typekit.net/af/cebe0e/00000000000000003b9b3060/27/ 34 KB
34 KB 56ms
28ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cebe0e/00000000000000003b9b3060/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nky6uwx.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 292da5515b8830e29cf8d4beececd8f700a15e92e5e1d087def6372f45a3d67d

Request headers

Referer: https://use.typekit.net/nky6uwx.css
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
server: nginx
etag: "6836446a3fea48bf0b3a00b81f3391fcf4638c59"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34640

GET
DATA 200
OK truncated
/ 840 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90a230db7d91aa480b1cad32e3672afbd39896609475e6df9810933c6face12e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 806 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8072603eaec40a877ab1c121d28025c849b18be2ba218ef3470d7ddfb7b829c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6f87133addde22e68582cc543cafcd8919c242a11f6f1298ccadcefbb7a4896

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 672 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96c963e7b76a4b76e1e09afbe2f36c87c3ff0971fc4ec17e2f9853e244592f72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24c09042d38007583f245edda78430a55890238c7a527bba2b41a323a1c56d68

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 990 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b0833187f27d82413754b8e8c7d0e269c559a70b38c5e868f4594ad9d381a4f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27cb055606a1039a02b7a5334686a76d691dc1997580e215e4c8929ff33aae26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 583 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f00cb292b7fe18ed5cdf18124a58d7d784c765a26cd909371a009853105ba7a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 425 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3b5e833ec31865e6ae793a7a707eb0df6ff825cf657051b4114d7d611af36b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 437 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac815e931816f2a6d9e52792a03f2a268b5a05b8c36eeea9fd7aca58cc5d479f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3967ffc4083b74f59614f7fb3d5299750b0a44797927300a16f175a6f0e0d8f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 807 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ac3fcec85cc7b4ab9dc0829a5913ca7a9fe49e01af24eaa2891ffa44dbec8a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33aacb4c657b463cbe3a15e901f19f342a6be6651967ddaed9fda33f545887f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 258 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d0209545bb167a0047dd2b50e5cdad0d308f651621c6ee5c62f3a9d2fd068f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 298 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f954a10c14f96a1a9c2629b195aca4591c888fbdb2e10028e14de89efdd802df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 shield-en.svg
static.salvationarmy.org/us-east-1/templates/symphony/static_resources/images/global/ 7 KB
3 KB 10ms
6ms Image
image/svg+xml 2600:9000:2646:3c00:11:c186:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/images/global/shield-en.svg
Requested by: Host: static.salvationarmy.org
URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/styles/main.css?v=1,699,418,822.797
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3c00:11:c186:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d7dbdae54dc88eedae69f8f764477fc280b5acb374428305d0d7616169a5518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/styles/main.css?v=1,699,418,822.797
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: lrgjgallHLMfrJrminWaK756CFY3XbfC
content-encoding: gzip
via: 1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
date: Tue, 07 Nov 2023 11:38:58 GMT
last-modified: Wed, 01 Nov 2023 10:28:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 61910
x-amz-server-side-encryption: AES256
etag: W/"a7c647a6fe1712f289b8b438919a52ff"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: N2aaeqAoBiAQoPBfcUBDiCeEBKNTjpSkRdvf6C9OocT5pLrsQ-TznQ==

GET
H2 200 x-twitter.svg
static.salvationarmy.org/us-east-1/templates/symphony/static_resources/images/global/ 466 B
893 B 15ms
12ms Image
image/svg+xml 2600:9000:2646:3c00:11:c186:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/images/global/x-twitter.svg
Requested by: Host: static.salvationarmy.org
URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/styles/main.css?v=1,699,418,822.797
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3c00:11:c186:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df08a45bf9a8a47a2616e0504a67292b41affcc44d02e2662545fdcd111599fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/styles/main.css?v=1,699,418,822.797
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: zOb3aG5qW730xTVFPu0kmj80ZKD58rmn
date: Wed, 08 Nov 2023 04:50:47 GMT
via: 1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
last-modified: Wed, 01 Nov 2023 10:28:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 108
x-amz-server-side-encryption: AES256
etag: "62e52dc3742f89dbfa5e13d8350bfe8c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 466
x-amz-cf-id: 3jZdj92-5Bm4V31bmDaTlhix7ssj_QePznpyQzehII9UPRGQmT8iRQ==

GET
H2 200 l
use.typekit.net/af/6799c3/000000000000000000012e92/27/ 39 KB
39 KB 33ms
25ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6799c3/000000000000000000012e92/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nky6uwx.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2aa4afc11c9d7a606d9d9697bf302736df839525aa7a74cf7456d0eb777d0920

Request headers

Referer: https://use.typekit.net/nky6uwx.css
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
server: nginx
etag: "ff390f132f568633fed790cb146933639ec26802"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39704

GET
H2 200 fa-solid-900.woff2
static.salvationarmy.org/us-east-1/templates/symphony/static_resources/vendors/font-awesome/webfonts/ 134 KB
135 KB 23ms
7ms Font
application/octet-stream 2600:9000:2646:3c00:11:c186:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/vendors/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: static.salvationarmy.org
URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/vendors/font-awesome/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3c00:11:c186:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d4d29042c23b5fcbed3af690421776de0f8ad3d308d66e24a9d80bcc8ccb522

Request headers

Referer: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/vendors/font-awesome/css/all.min.css
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: rwVHuXQn06eR8plG4RY7PwtQcmH7ZY6_
date: Tue, 07 Nov 2023 09:06:10 GMT
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 71198
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 137104
last-modified: Wed, 01 Nov 2023 10:29:03 GMT
server: AmazonS3
etag: "dbf1fc91f1beec2915123257ea4d58ef"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: b53T5LsE1wb9SSIFbaFUB5RMPRa-6-dk5yqY69Gvg5NTtofuRpmnnQ==

GET
H2 200 l
use.typekit.net/af/576d53/00000000000000003b9b3066/27/ 32 KB
33 KB 22ms
15ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/576d53/00000000000000003b9b3066/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nky6uwx.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 00f7898216fc98f62a6dec0077f7d46045d02a056e7f58675cb62b363a5d14dd

Request headers

Referer: https://use.typekit.net/nky6uwx.css
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
server: nginx
etag: "fa333b49edecc210478c16168adee736b2ad6c1f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33272

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 34 KB
34 KB 19ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nky6uwx.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f

Request headers

Referer: https://use.typekit.net/nky6uwx.css
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
server: nginx
etag: "b5fef031a96fc670f9c3b1b64dd52243a29d7531"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34336

GET
H2 200 fa-brands-400.woff2
static.salvationarmy.org/us-east-1/templates/symphony/static_resources/vendors/font-awesome/webfonts/ 75 KB
76 KB 35ms
20ms Font
application/octet-stream 2600:9000:2646:3c00:11:c186:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/vendors/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: static.salvationarmy.org
URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/vendors/font-awesome/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3c00:11:c186:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39c658ef377f9ec31442c5343a15bdfc4c4653bcca74bc7d6fe4b3e736a60aa4

Request headers

Referer: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/vendors/font-awesome/css/all.min.css
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: y0Vc9a6phTXIR9ARpJGuAMdeZmTl6cBo
date: Wed, 08 Nov 2023 02:08:21 GMT
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 31586
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 76728
last-modified: Wed, 01 Nov 2023 10:29:02 GMT
server: AmazonS3
etag: "f4120760fb40152d1bdb109103063c13"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: ULJj_7RS7kTqQunZFa0nj0TtX6WAmXx7xS8GYmDrrkAYK04ITHw7cw==

GET
H2 200 l
use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/ 34 KB
34 KB 14ms
14ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nky6uwx.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4e8d47f2d51e5c15ed54e8237f827005d675eec474216e7931e534c78ff30158

Request headers

Referer: https://use.typekit.net/nky6uwx.css
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
server: nginx
etag: "d9c559430b0162ff50e16cf6dad5514fa963f9ff"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35100

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 228 KB
66 KB 383ms
383ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19be89c7c105ee087cc3154a43bfa3c2840d1c0ea42e2c58e392bffc24425f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: h1Duc8yXajHBLyk0lZBLDXFdqFJq_bl2
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:48 GMT
last-modified: Fri, 27 Oct 2023 17:39:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"10367ee30f4bd5846daff2bff8691dab"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: -DT8K67OQ0iHtTqhdfzWZEhS2OSf9oIbMZ6NUmI4UB8Z8TO5VUtFSQ==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=672763463&t=pageview&_s=2&dl=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&ul=en-us&de=UTF-8&dt=The%20Salvation%20Army%20Western%20Territory&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=1502720560.1699419047&tid=UA-3145115-11&_gid=1381699707.1699419047&z=852961541

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 10:01:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67785
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=fe3eccd1af76a8f86bcc7282bdce9755

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc4f6e80157bacd12df4366d30ca8f0a4327ffabe9467d088a83c3990af54827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://westernusa.salvationarmy.org/
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:47 GMT
content-md5: r/h2nb9smVqO7ajJnFxMyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88330
reporting-endpoints
x-fb-debug: 9XjFbB9MQDdmSKcvOVxgPkyofFR1mxrWxbd18uhlHypvLVj3AX4DYORaf/Hbono0LaM5IJD2qBh9I8sE0LyZnA==
x-fb-content-md5: e7db31adeb2c283be875c920b2defc6f
cross-origin-opener-policy: same-origin-allow-popups
etag: "79b567cc6d1fbf87420e1f619c65a272"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 07 Nov 2024 03:21:43 GMT

GET
H2 200 properties Show response
westernusa.salvationarmy.org/usw_conductor/json/ 4 MB
296 KB 107ms
106ms XHR
text/html 3.234.103.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westernusa.salvationarmy.org/usw_conductor/json/properties

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.103.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-103-103.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b048395cb49760452d94202c560b2744828282291de013d442e7eb2d19e98b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

tracestate: 345702@nr=0-1-345702-2794958-a8c9fbb0937f8bdd----1699419047576
traceparent: 00-88a07de03f62cdf16038bc3d4987a9c0-a8c9fbb0937f8bdd-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0NTcwMiIsImFwIjoiMjc5NDk1OCIsImlkIjoiYThjOWZiYjA5MzdmOGJkZCIsInRyIjoiODhhMDdkZTAzZjYyY2RmMTYwMzhiYzNkNDk4N2E5YzAiLCJ0aSI6MTY5OTQxOTA0NzU3Nn19
Accept: */*
Referer: https://westernusa.salvationarmy.org/
X-Requested-With: XMLHttpRequest

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
server: nginx/1.18.0 (Ubuntu)
x-frame-options: DENY
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 302268
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 properties Show response
westernusa.salvationarmy.org/usw_thq/json/ 74 KB
10 KB 504ms
504ms XHR
text/html 3.234.103.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westernusa.salvationarmy.org/usw_thq/json/properties

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.103.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-103-103.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

22360bb141f93d04a5d3c3986a018f87af44e19f72c08fbd5e4b1da299b2d512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

tracestate: 345702@nr=0-1-345702-2794958-dc13e4fc36400a59----1699419047577
traceparent: 00-91daed660cbcdce396e3cc2e810c4af0-dc13e4fc36400a59-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0NTcwMiIsImFwIjoiMjc5NDk1OCIsImlkIjoiZGMxM2U0ZmMzNjQwMGE1OSIsInRyIjoiOTFkYWVkNjYwY2JjZGNlMzk2ZTNjYzJlODEwYzRhZjAiLCJ0aSI6MTY5OTQxOTA0NzU3N319
Accept: */*
Referer: https://westernusa.salvationarmy.org/
X-Requested-With: XMLHttpRequest

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
server: nginx/1.18.0 (Ubuntu)
x-frame-options: DENY
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 9446
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 slick.woff
static.salvationarmy.org/us-east-1/templates/symphony/static_resources/styles/fonts/ 1 KB
2 KB 7ms
6ms Font
application/octet-stream 2600:9000:2646:3c00:11:c186:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/styles/fonts/slick.woff
Requested by: Host: static.salvationarmy.org
URL: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/styles/main.css?v=1,699,418,822.797
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3c00:11:c186:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer: https://static.salvationarmy.org/us-east-1/templates/symphony/static_resources/styles/main.css?v=1,699,418,822.797
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: huzaS2BRoqVHix0y131z7n_oiOTOa4RG
date: Tue, 07 Nov 2023 12:10:09 GMT
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 60039
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1380
last-modified: Wed, 01 Nov 2023 10:29:01 GMT
server: AmazonS3
etag: "b7c9e1e479de3b53f1e4e30ebac2403a"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: vRrft88X-YgA8gLnxZh6rYKTjC84xq9HJjC9wbK6oRwzvi7_3Z4OXg==

GET
H2 200 embedded-giving.js Show response
sdk.classy.org/ 42 KB
11 KB 97ms
49ms Script
text/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.classy.org/embedded-giving.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd647d8ae1ca393a52b8a8e06afac09b2e8221cce3c4b89a8ebff978b3725b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 60
x-amz-request-id: CRS5D23XP6NQJT26
x-amz-server-side-encryption: AES256
x-amz-id-2: wJ0AU5HwlL7Mo8nX3WxrvkQYdBDoZsTpkaeMVkxWmJcy9QhsfMJg5BnjgxdNPB0wS5l4hBd052U=
last-modified: Wed, 25 Oct 2023 23:02:09 GMT
cf-bgj: minify
server: cloudflare
etag: W/"f0362a76a22a66f6bd5cfb9f219b182e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60, s-maxage=900, stale-while-revalidate=60
cf-ray: 822b3277ff4f5d80-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 16ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DR4WC585XQ&gtm=45je3b60v9125877025&_p=1699419047017&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1502720560.1699419047&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&dt=The%20Salvation%20Army%20Western%20Territory&sid=1699419047&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2282
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DR4WC585XQ&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 43b52e0c-b9d3-4f2c-81cd-01d38460ab9d_grid_holidays-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 34 KB
35 KB 186ms
185ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/43b52e0c-b9d3-4f2c-81cd-01d38460ab9d_grid_holidays-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d7ebb82b539b7f52cf6ed8853052c095ee1a2bf1ed56c3cbe1a61d908438085a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:48 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:17 GMT
Server: AmazonS3
x-amz-request-id: CCR7P5KGFHVDSVNK
ETag: "650f0e76c33c229e1bc38a418225cfd6"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 35230
x-amz-id-2: 7+M3AzFnUKJoFFhMSIfRE13TNBG9ChsSKlsWl3gF+KrsIx+gJiRDSBFYFYCF42tqd8WQ/KrvRzM=
Expires: Tue, 10 May 2016 18:40:19 GMT

GET
H/1.1 200
OK 8b7e2ee0-395f-42b4-b4ad-13a839e254a9_grid_hunger-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 39 KB
40 KB 195ms
194ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/8b7e2ee0-395f-42b4-b4ad-13a839e254a9_grid_hunger-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3c7e7cd5105ab592d163c34d6ace415c2a3e195c335c47889924e30c282481d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:48 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:19 GMT
Server: AmazonS3
x-amz-request-id: CCR2EDCE36ZS72VX
ETag: "38e285a8c8ac263a8b238d7f64fb195e"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 40416
x-amz-id-2: 3xp61FpPeh49z8w4d/aKtegRbH8FqjoXEJMHg2eZFRGXAkhTI/tWaYjr3SSXwLcioiXnTfjZIdY=
Expires: Tue, 10 May 2016 18:40:21 GMT

GET
H/1.1 200
OK 62d444a2-76f3-44fc-8d4b-0138051d462e_grid_poverty-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 66 KB
66 KB 189ms
188ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/62d444a2-76f3-44fc-8d4b-0138051d462e_grid_poverty-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 99b33ba8faeb410c356891ff4284769fb8755507e308bdaec9929df3076509a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:48 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:29 GMT
Server: AmazonS3
x-amz-request-id: CCR4QQCBFD772W37
ETag: "115abb76e1b3341a1a40a1cfa445fc5e"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 67484
x-amz-id-2: 4ApIAc9pe8xnUiCYCc4rl4+w94yofrMaimXdKgCgVAkn4s9xoIIDPpDdih6nYNGUVxSUwEOqij4=
Expires: Tue, 10 May 2016 18:40:31 GMT

GET
H/1.1 200
OK 29e03e6f-a20b-458c-acf5-3a2427044236_grid_shelter-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 42 KB
42 KB 371ms
181ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/29e03e6f-a20b-458c-acf5-3a2427044236_grid_shelter-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2a02765403bb00511514639acf3fc312816ee544d8f8b28c03e4e34fac95976c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:48 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:31 GMT
Server: AmazonS3
x-amz-request-id: CCRE522ZX6ACNCPA
ETag: "bc6772509035e58ae80887b4c956c946"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 42650
x-amz-id-2: HIwUHclYPjLGyhYUCnlDJ8WvssrZ3oizXrBVMl7wc7xkoYmc5o5v3qrUsapfCBf4ZlUcmxpfP9w=
Expires: Tue, 10 May 2016 18:40:33 GMT

GET
H2

200

/ Show response
give-usw.salvationarmy.org/give/506522/ Frame 25A7
Redirect Chain

https://www.classy.org/give/506522/
https://give-usw.salvationarmy.org/give/506522/

106 KB
33 KB

988ms
812ms

Document
text/html

2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give-usw.salvationarmy.org/give/506522/

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c1a55c2c49c4f583f2c1e0db000f7cfd9c4b916ba0d862469a11c6c932ff403

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://westernusa.salvationarmy.org https://socal.salvationarmy.org https://salvationarmy.org https://crestmont.edu https://www.crestmont.edu https://*.salvationarmy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westernusa.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 822b327defb39b86-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://westernusa.salvationarmy.org https://socal.salvationarmy.org https://salvationarmy.org https://crestmont.edu https://www.crestmont.edu https://*.salvationarmy.org;
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 04:50:49 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 822b32787fa45d80-FRA
content-security-policy: frame-ancestors 'self' https://westernusa.salvationarmy.org https://socal.salvationarmy.org https://salvationarmy.org https://crestmont.edu https://www.crestmont.edu https://*.salvationarmy.org;
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 04:50:48 GMT
location: https://give-usw.salvationarmy.org/give/506522/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-content-type-options: nosniff

GET
H/1.1 200
OK 7c0f08a5-699e-416e-a4c6-1a159d72be52_11-8-Bell-Ringer-Volunteer-2.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 169 KB
169 KB 191ms
189ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/7c0f08a5-699e-416e-a4c6-1a159d72be52_11-8-Bell-Ringer-Volunteer-2.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4b9766155e2c0481e769a4befe3ad2e744d746e428d3f26833d2afa0a8c76c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:49 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Wed, 08 Nov 2023 04:43:41 GMT
Server: AmazonS3
x-amz-request-id: VS1CHBYRCPP4G0PT
ETag: "27945acf7ad41e178d2d5b8477abac93"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 172610
x-amz-id-2: b1zve2tVMtUGHEo3fj5+ELyDQuzDgu8aUS2HsCDgBiW5ta7cd1CKMWob6b8F0NzJVvNOeFH+IMI=
Expires: Wed, 08 Nov 2023 04:43:43 GMT

GET
H/1.1 200
OK 84fc7a4e-9577-47c6-90c6-1cb32babd353_grid_trafficking-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 32 KB
32 KB 191ms
184ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/84fc7a4e-9577-47c6-90c6-1cb32babd353_grid_trafficking-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a412d8c3b7fe93e22e416fb43ee6e2e6984c973266a247e0dc825340c95f1408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:49 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:37 GMT
Server: AmazonS3
x-amz-request-id: VS16MC882JMWRHJY
ETag: "64a63f879d11570737660b2dd5329164"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 32500
x-amz-id-2: VJHWEBKLLwEAcNITyOjYcllCZjuD/ncLr+DB7XRPZbSCsv9BZT/SOAJDOZxxoOnrJ4zCYqhVWFY=
Expires: Tue, 10 May 2016 18:40:39 GMT

GET
H/1.1 200
OK 47d6d650-a43d-4e72-8805-841c0a096e73_grid_domestic_abuse-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 40 KB
40 KB 176ms
175ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/47d6d650-a43d-4e72-8805-841c0a096e73_grid_domestic_abuse-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c6f45ef695fb46cead96c90c29c020809683ba96a852fd6c1f1ec7f5199e7904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:49 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:08 GMT
Server: AmazonS3
x-amz-request-id: VS1F0N22C9T966SA
ETag: "5f14c37e81c7d15247987e1adf22bfb4"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 40630
x-amz-id-2: sxOPJdysm3CDVhQJLZb3szNO4jQ+9HgfZgDriTEWezCBHw933W6m5N+oWZ6zVCcviIMl0epVLxY=
Expires: Tue, 10 May 2016 18:40:10 GMT

GET
H/1.1 200
OK 7d887534-f503-4436-bcbd-fd11bd6dac73_grid_families-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 80 KB
80 KB 204ms
203ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/7d887534-f503-4436-bcbd-fd11bd6dac73_grid_families-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4d68d71ad1d6d3e54e3256e40ababfb5b6fb1d02f59b7f8d699c0b5b94efb133

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:49 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:15 GMT
Server: AmazonS3
x-amz-request-id: VS13RYP36YNM5R5S
ETag: "fd6c6729794e49ea3035c57bb3c7be67"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 81954
x-amz-id-2: 4OeWHCtIlyNSdAAchtEXDzdhESg2/cHX/dQjaJD9WlhdhTsZWYPKt2AJxExraL9aKl+oww6dZVE=
Expires: Tue, 10 May 2016 18:40:17 GMT

GET
H/1.1 200
OK 83bc2189-dabb-4e58-8537-898ee6d745f6_grid_education-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 33 KB
33 KB 177ms
177ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/83bc2189-dabb-4e58-8537-898ee6d745f6_grid_education-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 171fda7da00357598dfcf15a5df20cb295b20f0af64c42703d624209c2c1ccaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:49 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:09 GMT
Server: AmazonS3
x-amz-request-id: VS18AW5NTY197AA7
ETag: "413818b4c56bf2a5c6ef9a713d4eae9b"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 33597
x-amz-id-2: ZPILgqXdl7P1kVmzeEICEf5R2IkYiQ4e9ZvZTPvtM4C6Z1G2A1R4HFErnAg/nHgRE9msVnEbLHs=
Expires: Tue, 10 May 2016 18:40:11 GMT

GET
H/1.1 200
OK 56d8b101-1947-4e96-b72a-8f2ddde92340_grid_music-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 75 KB
76 KB 207ms
206ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/56d8b101-1947-4e96-b72a-8f2ddde92340_grid_music-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f3f4e6aa9a48efcdf656b48fdd85eeb37f66ea09ed8c04569452243c4f6faafa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:49 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:25 GMT
Server: AmazonS3
x-amz-request-id: VS13VM1NJGR91V8F
ETag: "033632f473af753f3e00d5ab3a6bca15"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 77009
x-amz-id-2: q8ycIGachOp/np9TxbpaBGiyVsTZY1refpivIDGcRzSoAM3yB171nGrW8DWBDUIQxiKFyL6sQmM=
Expires: Tue, 10 May 2016 18:40:27 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflA_CqEQ/ 20 KB
8 KB 62ms
9ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflA_CqEQ/www-widgetapi.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a38eb79a61ef2cdeab1a3dbda7609f4acb515494c5aac829ac87c6ba6be1ad9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7690
x-xss-protection: 0
last-modified: Wed, 04 Apr 2018 02:22:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Nov 2023 18:07:48 GMT

GET
H/1.1 200
OK last-event-tag-latest.min.js Show response
www.everestjs.net/static/le/ 8 KB
4 KB 484ms
155ms Script
text/javascript 23.212.212.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.212.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-212-65.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 647722dd9a79ca1027ab5c91a471e7b87a3a09d403d71cddfb4dd04c3afab6b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Date: Wed, 08 Nov 2023 04:50:48 GMT
Last-Modified: Tue, 31 Oct 2023 10:36:39 GMT
Server: AmazonS3
x-amz-request-id: 4E8SAG9D80BC6ZH7
ETag: "f461dc0277c3dd4e63a464e67218aead"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3114
x-amz-id-2: LXndj1CxlvPomyeDaeCsK8UHq/PHyq6y8YNiTdMkvNtRRKNWYd/7lSBbaSXg2i07Bf6yakc7cm4=

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 59ms
35ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9f8a2c12a04d9ac4408a2e31569abedeac96e4817b3e3b25e10a80cff9fc200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 08 Nov 2023 04:50:48 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 36ms
7ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 utag.146.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 3 KB
2 KB 394ms
393ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.146.js?utv=ut4.46.202309132003
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70a0b250d3a5b19ebcc1331289848515d9368fc58f2ddb138b388a1f7790c176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: .XKQJXTRVm4.gWSi.VOMRTniesQZ3osm
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"2a1511a407cb91f90b95eed940092ea0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: EM6hoPXuYrtZ_EbfM9ST55-wLGVdeXESE8X1EtTwbE6wFnFHJ_4aaw==

GET
H2 200 utag.118.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 4 KB
2 KB 385ms
384ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.118.js?utv=ut4.46.202308101401
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5041548590e3f4d40b75316377b09cb408463ac22bec12a49e14a8d549591b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 9GGH.oRTb8IKIb2Y7LGf6SJmmNaCe0Ou
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"eccda461d9a6ba9cd26fdf59c1a9bcc8"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Xc1ColhS24VZqfrUG0KONyUhyFtcsCRWGhWP_OnKYJsrViSQsG4xiA==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 3 KB
2 KB 128ms
32ms XHR
application/json 34.254.109.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=20A0289659302A7E0A495D28%40AdobeOrg&d_nsid=0&ts=1699419048019

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.109.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-109-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5909a4574982bcb076962653c274751f84107e989f4bc18836e7766e5f63d858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://westernusa.salvationarmy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v053-0a7032c9b.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: M/8T+YEpTi0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://westernusa.salvationarmy.org
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1186
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame D184 0
0 64ms
12ms Document
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://westernusa.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Wed, 08 Nov 2023 04:50:47 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 06CA 0
0 50ms
13ms Document
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://westernusa.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Wed, 08 Nov 2023 04:50:47 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

GET
H2 204 4d6156da3388f1e8
pixel.sitescout.com/iap/ 0
191 B 52ms
14ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/4d6156da3388f1e8
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 f1f6a64460683cfe
pixel.sitescout.com/iap/ 0
191 B 51ms
13ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/f1f6a64460683cfe
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:47 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 utag.27.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 2 KB
1 KB 408ms
399ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.27.js?utv=ut4.46.201711152243
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59406193524126971712d57081215abc2cad6765db343400ae34ea5b92c29ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: SdY6eN1eAOdDgw9XJqr9oRG4MIY3m.pj
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"819fbb3f49f59e7d9f20541696f23c51"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: NRY61DFmWtWPR34WDK_WPpJc0ADypXstHeL9AsJfFrYJPz0WrGlDvw==

GET
H2 200 utag.28.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 2 KB
1 KB 412ms
404ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.28.js?utv=ut4.46.201709202337
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7ede4c1ce1326fe200631cb658a7c7148f8d35478a32206d633745c4ba37994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: gH9RKBxtQBWKOnWDH196uV7xqtRLjmqS
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"630cdb443888e10dc051333a86a2280a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: cVRBc1zj_IRr0Pytzyy70RoCHg4PvzruY8WmMuqokcrJXjsui68Q6w==

GET
H2 200 utag.23.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 4 KB
2 KB 404ms
396ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.23.js?utv=ut4.46.201709202337
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8093cecf806c0f1709b935f5e4d08b7d3368994980378c25a2cbaf9bc2775956

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: nlADvMDzArapfyJDlz1ymTIHHYN2UnTL
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"b2fc958b8e8e7d7bdb983355c1ff1d7e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: GbAGu3RVdwF1I62cF_IrfiO2RtNoBDP91g5U84dprbPxHzoZo3ROkQ==

GET
H2 200 utag.24.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 4 KB
2 KB 403ms
395ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.24.js?utv=ut4.46.202112031942
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18ee1b868ddc68c914411437b515c36fbcc913dee5699e6e70df814535c71a8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: vXfCrFP3.L0WHaomJ.BU5Eln1ZW1L4hF
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"62c755fea7224c1273c67198a010d13d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: aufbnsQl4lEio0RJQGgsmTZKsB_ioLmTH480VaNrPXeV8Aq2mUHAwA==

GET
H2 200 utag.53.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 2 KB
1 KB 403ms
395ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.53.js?utv=ut4.46.201709202337
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 968d1ca52c4cac48c44ea38933cb5759c9b943e6a3cc0f6c06b70cb9160f05ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: jOrcgj7RjBDLTn02PkiH4HMdLkctdHU_
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"84b2f2818b0247b9e53e93c54f4eac12"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: SEXHUeovvJwOrPpB-WgOy1XSdpOOUZsqyLVkgG2H8w-p-Sk_QhVnFA==

GET
H2 200 utag.77.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 89 KB
30 KB 397ms
389ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.77.js?utv=ut4.46.202310241739
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a003c39315be3354ad28c1b73eeb796128241c3fc9690643e5439ed644f28d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 4rXlUpSg3qWerGUNChnamusOFrj9TodG
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"2717dfda70a6304e228928f52dcce9fa"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: m8-SE1YwH_p35laysldJqMk1q1DV8BKBkz2WYNkmsmSLaUTWl0DMGQ==

GET
H2 200 utag.79.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 22 KB
5 KB 406ms
399ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.79.js?utv=ut4.46.202309132003
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4464d35be8540eee45ade3178b2fb356622714b75758fb54a6ee24af5d61a12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: .vzRcqbndneUN7ZqOHaiIAB7D58MqjSh
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"62cbbfb4dd1923f33f25bcae5f4702c6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 2b0Bevi2CzsNU4lEInCyVE2niFChS7a2jk-nR2eqIPImYCuPeJsyrA==

GET
H2 200 utag.101.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 2 KB
1 KB 404ms
397ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.101.js?utv=ut4.46.201711152243
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f4dabfbe1019695714fdd06f0a97fa23fcd2b0e33fac3a228ee7a2fb2628706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 5QPI9d9sLKVBfWwrwrEqk1KsLD6uxn.L
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"8fb7f8438b7276b31c2662a03a37fb71"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: rn8ZlKgYiwhju7SH7AqCnX-JZ-EYGKlkNE8mMGaCXECknq6XekNF1Q==

GET
H2 200 utag.117.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 10 KB
4 KB 392ms
386ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.117.js?utv=ut4.46.202009140546
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b292d234580e7864f202c4d8b35f5017d9eebcdd06410dd9295be2efec9fc213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: ZtF5u1kl7czKfBCp4S22cak63DIfeAUk
content-encoding: gzip
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"6655b5f1e49ead39bae169218212021d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Zx7UegaGNOmw9vMXuISxfIFgMrNsHvJZNGpz2hz7tsrBrmlJNK7ElQ==

GET
H2 200 utag.127.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 25 KB
5 KB 404ms
398ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.127.js?utv=ut4.46.202009140546
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e42ff03153816c195a3eac2bd3ced4b5b68ca89cd6203fd1639780c504d48c4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: uFhlfViTvO7JMn3IXqfXH05aWz4kZcWu
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"1dc1b370ab9ba2c3af38c81a16fe7581"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Kq880DXAiszWireX5eOHRsmW_fyNspI2mlfa1iTJXWnO7eVdDAQGLA==

GET
H2 200 utag.132.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 4 KB
2 KB 400ms
395ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.132.js?utv=ut4.46.202010281408
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1f63a2708bfe64bb3e6194db10e06054db1deee980ed8a399092f4966afcea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 9qTnO6pi9HN5iRHXdK25WwK1F0hq_XV4
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"36439b4450a75efca0b851d648fd22ed"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: ed-NQSBmRA3f7_M2KY-YNJbsrA8aRTMadtm3tmRdyxLliTwgyp4sNA==

GET
H2 200 utag.133.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 25 KB
5 KB 399ms
394ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.133.js?utv=ut4.46.202010281425
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 079e0e4cf169158ef6810dd9672772aef3c4c5a512bd640efb85d0c8b907a288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: ry_eVEZrTRv7WUjObwvjtMgaUHpuuuOu
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"14b2a28961ce2af9369cf3a542b6ea54"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: RQ973O4TO-C-Ti6TOQtUZLZXbyiq6opQTYopkLCgWsh_KUdHYYd-VA==

GET
H2 200 utag.134.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 11 KB
4 KB 406ms
401ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.134.js?utv=ut4.46.202010281408
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddf957b1307b1e82f4408747558cea0802dd51348d188406540322e8ea5607f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: tU8JkupyyDw4r0qmLJ7sWMSKa4Q5bWD7
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"d0db3d7eb2afd8b202cc300e0f1dc66b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: aWQs466MNFmpI0poXtHXHhuV9EeG81yaHs0rTF2w_v2nIxPrXGg__w==

GET
H2 200 utag.139.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 17 KB
6 KB 421ms
416ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.139.js?utv=ut4.46.202207051820
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4dcb52a8e25e26359050e94bc43424d5da2eff39b81db1fc591b8ce48c129c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: B49M.JeoxipStKi8T5dyaBPaKpdaTuVb
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"a7699109dc701a911fe2898c648a2a93"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: kPW-BdAL4UVfrXe9sjM3IjMGaj_Uvm8MVpCsd-TBO_FtO-IQ847xew==

GET
H2 200 utag.150.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 4 KB
2 KB 406ms
402ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.150.js?utv=ut4.46.202209081832
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c6599c82298b91c760db8c7811d40b1126a6fe58370387e0b7e89e57aab94c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 2Dm6ba6QSZgvUuNOW4J9ojqaxnedevm_
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"5456c71649a750cf50fad395723cbe8c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: xYP9bRqi2PI-2Qof6NNo5jRI1_En1fvDsKq3keVlKSvneaexh6fwWA==

GET
H2 200 utag.210.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 22 KB
7 KB 120ms
117ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.210.js?utv=ut4.46.202309132003
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50fe4c2baefa596d52d812e357b06e89f7d1024abb99f312afa4e1b1da57eec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: FpYeulZyT72ffD_78Y3y227ZmyJMSn0B
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"6c45b727137a8b28365e87960d39325e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: PSr_sOmokFllSm0CT38m9kfSIKgruUhg2F6W8HfXKn8e1Mq72oiuQA==

GET
H2 200 utag.215.js Show response
tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/ 2 KB
1 KB 122ms
119ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/salvationarmy/sal-westernterritory/prod/utag.215.js?utv=ut4.46.202309201616
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d3880a6706d9a9e6ae9f9370eabaadeda460174fbf2385ed316681d1103ff56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: j57pBEyl_kS9_rbWQOJyckYvpTPZBhmw
content-encoding: br
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Fri, 27 Oct 2023 17:39:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
etag: W/"66d33de14bb002bbfefa8f7aeda55aa3"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 2JFOiYlWLZ5ipXsnLVO967Su_6rdbpZYCQRcxGvKmbFi6FJj6KAMiA==

GET
H/1.1 200
OK dest5.html Show response
thesalvationarmy.demdex.net/ Frame 05F9 7 KB
3 KB 155ms
30ms Document
text/html 34.252.33.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thesalvationarmy.demdex.net/dest5.html?d_nsid=0

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.33.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-33-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://westernusa.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v053-03bb411ba.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: fxyJOsTaTvQ=
content-encoding: gzip
date: Wed, 8 Nov 2023 04:50:48 GMT
last-modified: Thu, 26 Oct 2023 11:20:23 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
thesalvationarmy.sc.omtrdc.net/ 2 B
276 B 71ms
22ms XHR
application/x-javascript 63.140.62.135
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://thesalvationarmy.sc.omtrdc.net/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=20A0289659302A7E0A495D28%40AdobeOrg&mid=64902840297544874132997120749719164045&ts=1699419048261

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westernusa.salvationarmy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://westernusa.salvationarmy.org
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZUsTqAAAAKvqzwN6
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=65467669184316211842981170000779011768
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUsTqAAAAKvqzwN6

42 B
942 B

31ms
31ms

Image
image/gif

34.254.109.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUsTqAAAAKvqzwN6

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

HTTP/1.1

Server

34.254.109.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-109-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v053-05bd6d36e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /mFqfK+5S2U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUsTqAAAAKvqzwN6
Date: Wed, 08 Nov 2023 04:50:48 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK 8325ba2e-8e71-449e-beff-328bcb5653ec_grid_jobs-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 29 KB
29 KB 192ms
191ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/8325ba2e-8e71-449e-beff-328bcb5653ec_grid_jobs-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 71f0b0080c3113ba45c76028d2d953598f06e2bb8e9b26cbeaed5ba22a828892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:49 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:21 GMT
Server: AmazonS3
x-amz-request-id: VS1FRE2942GGJ0N5
ETag: "7bc9b517170eb71f18247868d6440d81"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 29216
x-amz-id-2: XNCQ0G8s9L/3yEzav9SE4Mk/0MUqfpz+m5Zouqoe9d9FyjTl4I9kTF8K/0/+8/L6jWgomI47s/U=
Expires: Tue, 10 May 2016 18:40:23 GMT

GET
H/1.1 200
OK b28620a3-2b3c-4e23-89b7-9e4454017e62_grid_addiction-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 30 KB
31 KB 179ms
178ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/b28620a3-2b3c-4e23-89b7-9e4454017e62_grid_addiction-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a670bbddce87b51a2f4d8cd4daa04e96424f6a6578594ebfca22e4bf5f72a742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:49 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:04 GMT
Server: AmazonS3
x-amz-request-id: VS1BBTE0EVA8ZYHW
ETag: "778e8884750a71c6d45162136758a7eb"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 31019
x-amz-id-2: UJWbLHASH3KjTteTUpT7eyICyV8ZpadJ/px3fbwi+YAGa+ZNzyxswAI07m0hfS4OwFJdyoZ6cFg=
Expires: Tue, 10 May 2016 18:40:06 GMT

GET
H/1.1 200
OK 32affedc-1f1d-462d-a565-ccad98469fd7_grid_disaster-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 61 KB
62 KB 177ms
177ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/32affedc-1f1d-462d-a565-ccad98469fd7_grid_disaster-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2fa548ebf3453e814764cb66bd6241abb3ef1c1112b7956eedbd8ce910dfdbac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:49 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:06 GMT
Server: AmazonS3
x-amz-request-id: VS1FDYY3NDZH4Z68
ETag: "8906ff2e99b541470c7f365a74140590"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 62824
x-amz-id-2: 0VxWV8eLMlgIPyMqZSaA7htouUEgx0xkLhkfb3Lcb23+YU6YGsNUSHaGHFJRBeSjDUWOprlW9Kg=
Expires: Tue, 10 May 2016 18:40:08 GMT

GET
H/1.1 200
OK 13764a49-f25e-4a33-bb8a-20fc9c169f2a_grid_elderly-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 42 KB
42 KB 183ms
182ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/13764a49-f25e-4a33-bb8a-20fc9c169f2a_grid_elderly-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3b34b22f7f831bdb5f04016c22b0496679e7ffd46d4d933a21be82a99da508a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:49 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:12 GMT
Server: AmazonS3
x-amz-request-id: VS16Q1899CDAHGM5
ETag: "be5b521e536328364cf44ffb8938aa81"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 42504
x-amz-id-2: ZQTIHpC92Lgj5VmyCghXShC+G3MnbNdYf4P7WB/vXVK1ozJL4qddtCUrpL3jICc8mwBecr0gLVc=
Expires: Tue, 10 May 2016 18:40:14 GMT

GET
H/1.1 200
OK a384a349-dd5a-4124-8da3-1bbc9ce9aa57_grid_veterans-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 26 KB
27 KB 183ms
183ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/a384a349-dd5a-4124-8da3-1bbc9ce9aa57_grid_veterans-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0674837a4ce811b14767caa92af09b8e7f6397a465469564b949c21144c5ac99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:49 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:38 GMT
Server: AmazonS3
x-amz-request-id: VS129KBN1F4KSCFZ
ETag: "13b4a8831533f16b78d29506c4384b32"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 27038
x-amz-id-2: 8JeADwNyuZANQhAeRPu6HHHOJeeLsUOuECCqxxQp/NEBb/pNPfmHzqgIoae9eGG/P1Wgn6TK50o=
Expires: Tue, 10 May 2016 18:40:40 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 23ms
7ms Image
image/gif 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1699419048275&id=t2_8x24ctfw&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=c82ef66b-6a49-40f3-ac39-5e97295aa684&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 json Show response
thesalvationarmy.tt.omtrdc.net/m2/thesalvationarmy/mbox/ 96 B
868 B 122ms
42ms XHR
application/json 66.235.152.152
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://thesalvationarmy.tt.omtrdc.net/m2/thesalvationarmy/mbox/json?mbox=target-global-mbox&mboxSession=26c374d386ba42a0bd766e349600f214&mboxPC=&mboxPage=768cf92cbb3a4f0e946f64f42ce1e5c6&mboxRid=f6bd612946004891b34d3b0be00ea73d&mboxVersion=1.8.2&mboxCount=1&mboxTime=1699422648300&mboxHost=westernusa.salvationarmy.org&mboxURL=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&pageName=SAL%3AUSW%20%7C%20homepage&site_type=SAL%3AUSW&site_section=Home&headerLinksToNationalForm=false&givingToolbarLinksToNationalForm=false&territory_division_corp=SAL%3AUSW&mboxMCSDID=303841548A4F2F94-1074D5066C6B2984&vst.trk=thesalvationarmy.sc.omtrdc.net&vst.trks=thesalvationarmy.sc.omtrdc.net&mboxMCGVID=64902840297544874132997120749719164045&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.152 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-66-235-152-152.data.adobedc.net

Software

jag /

Resource Hash

c3c9db6ed7374c1370ecfdfa08136c663b213196f9e4d00730023f5ece9a47f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
content-length: 96
x-xss-protection: 1; mode=block
x-request-id: f6bd612946004891b34d3b0be00ea73d
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 scevent.min.js Show response
sc-static.net/ 39 KB
17 KB 55ms
25ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 58d83726e6b43d3d9ad01849b069e230e1c5194f54de4d2b1039e1aea2d9b101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
content-encoding: gzip
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16941
x-amz-cf-id: eEfnlFjvo8TVmBQz4l764f0RwBNRowsYkk7DXmXolQuUmTF_ftc69Q==

GET
H3 200 130990502032167 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 664ms
663ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/130990502032167?v=2.9.138&r=stable&domain=westernusa.salvationarmy.org

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e30cc830df87c1c7ac1ee161b8a09fc0237308b1dca66a3644064bd56d0f931

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Nov 2023 04:50:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: /h3D2xymiOJN2V5QuIh3g0seJlH4DeRdpfVr1xSkG3sCqKHBcVaHy5LbySWa3q9lwrslfgD8Dsav6Xv+dOaf4w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
53 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Nov 2023 04:50:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 3O6enJwLMJe9ilqD1Xx63nvvwuQ0CukeJtBNNN2pAqpC47+rzNGV035PZP4g3MlM6UV8y69HwQ8dhXHschoGvg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 c866382f-56d6-4b6d-858d-c881ec296b0c.js Show response
tr.snapchat.com/config/org/ 173 B
459 B 37ms
16ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/org/c866382f-56d6-4b6d-858d-c881ec296b0c.js?v=3.4.16-2311071811

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

f312ad0ad4595ab9e612868798f90c5bff04f507781cfb9084102e0aec5e2c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://westernusa.salvationarmy.org/
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://westernusa.salvationarmy.org
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 7151 0
201 B 35ms
17ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=c866382f-56d6-4b6d-858d-c881ec296b0c&u_scsid=30797775-41ce-4a53-80d7-ca3434606a40&u_sclid=c8b5106c-4c30-484b-836a-fbc252545e88

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://westernusa.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 08 Nov 2023 04:50:48 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 lightbox_inline.js Show response
www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/ 2 KB
1 KB 705ms
670ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox_inline.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51864fe340507c4ba2adac9014f53d4ad5d0df17a9127a898c9ed6f1c1d1f3ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 04:50:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 01 Nov 2023 20:11:17 GMT
content-md5: LHj7JB5D8hMq0oc8oGwFXQ==
server: cloudflare
cf-polished: origSize=2532
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 74ea5712-e01e-0047-091e-0dc75b000000
x-ms-version: 2009-09-19
cf-ray: 822b327cae660378-FRA

GET
H2 200 p-d5N1L76OG6H12.gif
cms.quantserve.com/pixel/ 35 B
373 B 87ms
21ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-d5N1L76OG6H12.gif?idmatch=0&partner_user_id=018bad44c8370017f37056d35c6103074002506c00b08&tealium_account=salvationarmy&tealium_profile=sal-westernterritory

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK 235a1a83-58e7-4187-a940-6b2ffa4e1c23_grid_love-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 47 KB
47 KB 181ms
180ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/235a1a83-58e7-4187-a940-6b2ffa4e1c23_grid_love-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: daa342ae0a2e95be18d206a8358ecf73193f2a1d6455eb29ac8b2907ae9db6e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:49 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:23 GMT
Server: AmazonS3
x-amz-request-id: VS12053WAQ867JCZ
ETag: "349efb8d8b5f6a89d699c900ae7f3059"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 47707
x-amz-id-2: unwb3BtbP54+bJGm0Md5ZOsdNyQvdUeF0Z64FFlC4lAJczdAJB5Z6RHpTyPCE2n6P88NDdf/OO8=
Expires: Tue, 10 May 2016 18:40:25 GMT

GET
H/1.1 200
OK 5c48119a-5e78-4400-b1c0-438486ed3164_grid_need-lg.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 71 KB
72 KB 200ms
200ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/5c48119a-5e78-4400-b1c0-438486ed3164_grid_need-lg.jpg
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: deb3c0eddfb3d22d66f79e532d49c33890f0b123fde1960ae2b2bf5ede390114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:49 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Tue, 10 May 2016 18:40:26 GMT
Server: AmazonS3
x-amz-request-id: VS13DRN09SR56AV3
ETag: "ab4a317967d4f7b155a3d028424764d6"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 73003
x-amz-id-2: jR3wwU8ioBPTEZkkzLuxHJYLxrvfThriExc6CJdz4Izi+W/rAgoR56mCkcLrR5iaezC7B+DW6C8=
Expires: Tue, 10 May 2016 18:40:29 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=8160306291098026259
dpm.demdex.net/ Frame 05F9
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8160306291098026259

42 B
942 B

35ms
35ms

Image
image/gif

34.254.109.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=8160306291098026259

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

HTTP/1.1

Server

34.254.109.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-109-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v053-06016bb7f.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: He3rYItqSpc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=8160306291098026259
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-788785286&l=dataLayer&cx=c

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe0d7cbb8f36aa34b4961c1767165286712df8bf371fcc8516f27d9e624f262c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72099
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 04:50:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-788785286

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5949d5ddcab8ece573a3a4c68ac3ff466840a68fcacf2aebb35059e7f837ad3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72119
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 04:50:48 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 161ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 08 Nov 2023 04:50:48 GMT
last-modified: Fri, 20 Oct 2023 01:13:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2DE36EE33234429FB10B47D2C0D967D1 Ref B: FRAEDGE1221 Ref C: 2023-11-08T04:50:48Z
etag: "0125f9ff22da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13079

GET
H3

200

activityi;dc_pre=COTc4KXNs4IDFc7ROwIdpYcNtA;src=10359058;type=retar0;cat=sitew0;ord=9609463096988.713 Show response
10359058.fls.doubleclick.net/ Frame 415E
Redirect Chain

https://10359058.fls.doubleclick.net/activityi;src=10359058;type=retar0;cat=sitew0;ord=9609463096988.713?
https://10359058.fls.doubleclick.net/activityi;dc_pre=COTc4KXNs4IDFc7ROwIdpYcNtA;src=10359058;type=retar0;cat=sitew0;ord=9609463096988.713?

337 B
208 B

51ms
50ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10359058.fls.doubleclick.net/activityi;dc_pre=COTc4KXNs4IDFc7ROwIdpYcNtA;src=10359058;type=retar0;cat=sitew0;ord=9609463096988.713?

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

eb3bbcbfec8f49c46edf60bf3fc29367a01da2451148bc7b222088fc62b39b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://westernusa.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 04:50:48 GMT
expires: Wed, 08 Nov 2023 04:50:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 04:50:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10359058.fls.doubleclick.net/activityi;dc_pre=COTc4KXNs4IDFc7ROwIdpYcNtA;src=10359058;type=retar0;cat=sitew0;ord=9609463096988.713?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

blank.gif
cache.vindicosuite.com/creative/
Redirect Chain

https://mpp.vindicosuite.com/mpp/?y=2&t=i&tp=1&clid=250&pixid=99102584&rnd=0.4432202982803186
https://cache.vindicosuite.com/creative/blank.gif

49 B
221 B

92ms
14ms

Image
image/gif

93.184.220.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.vindicosuite.com/creative/blank.gif
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Server: 93.184.220.12 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8B) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
last-modified: Mon, 15 May 2017 18:51:23 GMT
server: ECS (amb/6B8B)
age: 291836
etag: "2426206463"
x-cache: HIT
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 49
expires: Wed, 15 Nov 2023 04:50:48 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
via: 1.1 google
server: 23bedf3be08dfe44fdd8a269043fb77218e182a5c5c86c11a38548e544aeab08
access-control-allow-methods: GET, HEAD, POST, TRACE, OPTIONS
p3p: CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
access-control-allow-origin: *
location: https://cache.vindicosuite.com/creative/blank.gif
content-type: text/html;charset=ISO-8859-1
cache-control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 123ms
7ms Script
application/x-javascript 2600:9000:214f:ba00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ba00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:23:20 GMT
content-encoding: gzip
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Nov 2023 04:23:10 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: FRA53-C1
age: 1648
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: fYYN5t3pxNy3vUFv4faSgazN-OI8mCSTcjc1PiIG6118TwQLwJqtTw==
expires: Wed, 08 Nov 2023 05:23:20 GMT

GET
H2 200 ActivityServer.bs Show response
bs.serving-sys.com/BurstingPipe/ Frame 23E9 1 KB
987 B 76ms
9ms Document
text/html 3.124.24.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/BurstingPipe/ActivityServer.bs?cn=as&ActivityID=550371&ifrm=1&rnd=792605
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.24.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-24-218.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET ARR/3.0 ASP.NET
Resource Hash: e619244f2d6af3c8e90d271c259d35374d6d1da6d260eca352bbf18f7520d7c5

Request headers

Referer: https://westernusa.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store
content-encoding: gzip
content-length: 670
content-type: text/html; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:48 GMT
expires: Sun, 05-Jun-2005 22:00:00 GMT
p3p: CP="NOI DEVa OUR BUS UNI" CP="NOI DEVa OUR BUS UNI"
pragma: no-cache
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET ARR/3.0 ASP.NET

GET
H2 200 ActivityServer.bs Show response
bs.serving-sys.com/BurstingPipe/ Frame BFD2 1 KB
987 B 75ms
9ms Document
text/html 3.124.24.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/BurstingPipe/ActivityServer.bs?cn=as&ActivityID=485783&ifrm=1&rnd=561576
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.24.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-24-218.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET ARR/3.0 ASP.NET
Resource Hash: 339ce996239e7c571e51f417398571602561e3d6bf66c59e1df61f085490b419

Request headers

Referer: https://westernusa.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store
content-encoding: gzip
content-length: 670
content-type: text/html; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:48 GMT
expires: Sun, 05-Jun-2005 22:00:00 GMT
p3p: CP="NOI DEVa OUR BUS UNI" CP="NOI DEVa OUR BUS UNI"
pragma: no-cache
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET ARR/3.0 ASP.NET

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:11:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Nov 2023 05:11:43 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 03:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3556
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 08 Nov 2023 05:51:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
73 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-578873086&l=dataLayer&cx=c

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d51b326d2d511aa9e6c693da628be438fcd3ec1dd6a6660e65e9c17b6dd1974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74258
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 04:50:48 GMT

GET
H2 200 TC-5193-1.gif
pt.ispot.tv/v2/ 43 B
315 B 110ms
8ms Image
image/gif 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-5193-1.gif?app=web&type=visit
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H2 200 xyz.js Show response
getrockerbox.com/assets/ 48 KB
10 KB 217ms
116ms Script
application/javascript 172.64.109.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/assets/xyz.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.109.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26494c945e5b218b61d98e8be7fc6a3b4b04916f7fc03521187c418b998f9373

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qdprAvtMES8P1RZ10wf2rbFOad1u4gzMlVZdX93Q%2FGcbba7IOVt8OTiU%2BxV47bRJTYvtGJnAMXn5vuHU3QSPMQrUq5GFFFnvMK5%2B2lBB%2FCmq8dbYCTqALqufAF7TpcdUxAF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 822b327decbc9128-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 i.gif Show response
collect.tealiumiq.com/salvationarmy/sal-donate/2/ 43 B
782 B 108ms
11ms XHR
image/gif 35.156.25.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/salvationarmy/sal-donate/2/i.gif
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.25.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-25-133.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://westernusa.salvationarmy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryb8YJ7lDKGU6zSGzm

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
x-serverid: uconnect_i-0a1d39c5cc0fc0eac
x-tid: 018bad44c8370017f37056d35c6103074002506c00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: salvationarmy:sal-donate:2:datacloud
x-region: eu-central-1
content-length: 43
pragma: no-cache
x-did: 018bad44c8370017f37056d35c6103074002506c00b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://westernusa.salvationarmy.org
x-ulver: 4bb846e2e501519553128de7f6086cbab0afd597-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: e237f646-35dc-4b2b-9ef1-900e59fb7cd1
expires: Wed, 08 Nov 2023 04:50:48 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 7ms
7ms Script
application/javascript 2600:9000:21f3:c600:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=salvationarmy/sal-westernterritory/202310271737&cb=1699419048531
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Wed, 08 Nov 2023 04:48:44 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 126
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: jZjSFmCdE0W7ozNxwWIAIe9BDqseST1RBiKECYrOzqt5avcXytkbnQ==

GET
H/1.1

200
OK

ibs:dpid=1175&&dpuuid=Rux-UkHqKwhd7ngBSO9nUhPgeQZd6X4FEegPvqOE
dpm.demdex.net/ Frame 05F9
Redirect Chain

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=Rux-UkHqKwhd7ngBSO9nUhPgeQZd6X4FEegPvqOE

42 B
942 B

32ms
32ms

Image
image/gif

34.254.109.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=Rux-UkHqKwhd7ngBSO9nUhPgeQZd6X4FEegPvqOE

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

HTTP/1.1

Server

34.254.109.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-109-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v053-0282bcd75.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 8L8aMLOiSFA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=Rux-UkHqKwhd7ngBSO9nUhPgeQZd6X4FEegPvqOE
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 s37755950110259
thesalvationarmy.sc.omtrdc.net/b/ss/tsa.global/1/JS-2.22.0/ 43 B
202 B 20ms
19ms Image
image/gif 63.140.62.135
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thesalvationarmy.sc.omtrdc.net/b/ss/tsa.global/1/JS-2.22.0/s37755950110259?AQB=1&ndh=1&pf=1&t=8%2F10%2F2023%205%3A50%3A48%203%20-60&sdid=303841548A4F2F94-1074D5066C6B2984&mid=64902840297544874132997120749719164045&aamlh=6&ce=UTF-8&cdp=2&pageName=SAL%3AUSW%20%7C%20homepage&g=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&cc=USD&ch=Home&server=westernusa.salvationarmy.org&events=event28%3D&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&v1=SAL%3AUSW%20%7C%20homepage&c2=westernusa.salvationarmy.org&v2=SAL%3AUSW&c3=SAL%3AUSW&c6=18&c12=D%3Dmid&v21=Not%20Logged%20In&v33=D%3Dmid&v42=Main%20%3A%20SAL%3AUSW&v50=SAL%3AUSW%20%7C%20homepage&v57=westernusa.salvationarmy.org%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=20A0289659302A7E0A495D28%40AdobeOrg&AQE=1

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Nov 2023 04:50:48 GMT
server: jag
etag: 3649474616919851008-4617794767594973531
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 07 Nov 2023 04:50:48 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/788785286/ 3 KB
2 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788785286/?random=1699419048643&cv=11&fst=1699419048643&bg=ffffff&guid=ON&async=1&gtm=45be3b60&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Salvation%20Army%20Western%20Territory&auid=2145807206.1699419049&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

909be32618ee045a87b529c10b6e486cc2568c419bae026ab23e2dac6c152020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1277
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p
tr.snapchat.com/ 0
101 B 18ms
17ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://westernusa.salvationarmy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://westernusa.salvationarmy.org
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 serving
bs.serving-sys.com/ Frame 05F9 0
105 B 29ms
7ms Image
text/plain 3.124.24.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=1&euuid=65467669184316211842981170000779011768&redir=true
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.24.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-24-218.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H2 200 018bad44c8370017f37056d35c6103074002506c00b08 Show response
visitor-service-eu-central-1.tealiumiq.com/salvationarmy/sal-donate/ 33 B
251 B 38ms
8ms Script
application/javascript 18.197.205.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-eu-central-1.tealiumiq.com/salvationarmy/sal-donate/018bad44c8370017f37056d35c6103074002506c00b08?callback=utag.ut%5B%22writevasal-donate%22%5D&rnd=1699419048669

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.205.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-205-175.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ef8cfef27669c7a25e004be58c65be3389d1629d2b26555251484f191e7acab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-version: 63c99fc7e1c47bf72de1dfb396fbc4abb7a6ef4b-SNAPSHOT
date: Wed, 08 Nov 2023 04:50:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: eu-central-1
content-length: 33
x-nodeid: i-0d4bc365a367ca5a5
content-type: application/javascript; charset=utf-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=672763463&t=pageview&_s=1&dl=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&dp=%2F&ul=en-us&de=UTF-8&dt=SAL%3AUSW%20%7C%20homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEIJBAAAACAOI~&jid=1363480754&gjid=1060898387&cid=1502720560.1699419047&tid=UA-51388709-1&_gid=1381699707.1699419047&_slc=1&cd3=SAL%3AUSW&z=1020270715

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://westernusa.salvationarmy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-51388709-1&cid=1502720560.1699419047&jid=1363480754&gjid=1060898387&_gid=1381699707.1699419047&_u=aGDAiEIJBAAAAGAOI~&z=2135051553

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://westernusa.salvationarmy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Nov 2023 04:50:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ca.html Show response
20682257p.rfihub.com/ Frame F5ED 5 KB
6 KB 132ms
19ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20682257p.rfihub.com/ca.html?ver=9&rb=5041&ca=20682257&t=home&pe=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&pf=&ra=6868560472708869
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 2fc35a13f316643ea2f2403e13dc177769384419662da0c9ac8d6f3eac0590c9

Request headers

Referer: https://westernusa.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 4925
Content-Type: text/html;charset=utf-8
Date: Wed, 08 Nov 2023 04:50:48 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK ca.html Show response
20682259p.rfihub.com/ Frame 2ECA 5 KB
6 KB 134ms
19ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20682259p.rfihub.com/ca.html?ver=9&rb=5041&ca=20682259&t=home&pe=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&pf=&ra=23852847592169746
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 08a8dc04d52d1fd9de2930cc9c6e39f994eddcd039de193078b602670f5ac914

Request headers

Referer: https://westernusa.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 4925
Content-Type: text/html;charset=utf-8
Date: Wed, 08 Nov 2023 04:50:48 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 204 30004198.js Show response
bat.bing.com/p/action/ 0
116 B 31ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/30004198.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 08 Nov 2023 04:50:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 845D97E4369D498096FDC3719C1AFDD1 Ref B: FRAEDGE1221 Ref C: 2023-11-08T04:50:48Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 35ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=30004198&Ver=2&mid=b412a05d-081b-4f0c-a3d3-20b35c8c14a7&sid=62b8d1f07df211ee9c68f1fefddc76e2&vid=62b915107df211eeafb807df1e85d156&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Salvation%20Army%20Western%20Territory&p=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&r=&lt=2248&evt=pageLoad&sv=1&rn=10518

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 08 Nov 2023 04:50:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C9A7ABD070DF40A79D2602F5E4BEE80F Ref B: FRAEDGE1221 Ref C: 2023-11-08T04:50:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 30000608.js Show response
bat.bing.com/p/action/ 0
116 B 38ms
34ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/30000608.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 08 Nov 2023 04:50:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 114D8F0D09B749928E800695F1B35566 Ref B: FRAEDGE1221 Ref C: 2023-11-08T04:50:48Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
230 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=30000608&Ver=2&mid=14cc5df7-9832-46ea-bab7-b0724efdee4a&sid=62b8d1f07df211ee9c68f1fefddc76e2&vid=62b915107df211eeafb807df1e85d156&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Salvation%20Army%20Western%20Territory&p=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&r=&lt=2248&evt=pageLoad&sv=1&rn=719181

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 08 Nov 2023 04:50:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2B6B9C89FE2B44B49CE2BE43E9A36E49 Ref B: FRAEDGE1221 Ref C: 2023-11-08T04:50:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/578873086/ 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/578873086/?random=1699419048720&cv=11&fst=1699419048720&bg=ffffff&guid=ON&async=1&gtm=45be3b60&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Salvation%20Army%20Western%20Territory&did=dYmQxMT&gdid=dYmQxMT&auid=2145807206.1699419049&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35c2f50cee657248e47baabb3d7fff387ff4297b53e7bf3f540a646efdf4a423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 20ms
19ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51388709-1&cid=1502720560.1699419047&jid=1363480754&_u=aGDAiEIJBAAAAGAOI~&z=967651059

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 38ms
17ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51388709-1&cid=1502720560.1699419047&jid=1363480754&_u=aGDAiEIJBAAAAGAOI~&z=967651059

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COTc4KXNs4IDFc7ROwIdpYcNtA;src=10359058;type=retar0;cat=sitew0;ord=9609463096988.713
adservice.google.com/ddm/fls/z/ Frame 415E 42 B
118 B 44ms
43ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COTc4KXNs4IDFc7ROwIdpYcNtA;src=10359058;type=retar0;cat=sitew0;ord=9609463096988.713

Requested by

Host: 10359058.fls.doubleclick.net
URL: https://10359058.fls.doubleclick.net/activityi;dc_pre=COTc4KXNs4IDFc7ROwIdpYcNtA;src=10359058;type=retar0;cat=sitew0;ord=9609463096988.713?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10359058.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ebAttribution.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ Frame BFD2 24 KB
8 KB 80ms
19ms Script
application/javascript 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebAttribution.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/BurstingPipe/ActivityServer.bs?cn=as&ActivityID=485783&ifrm=1&rnd=561576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 021096b48b7c0d34e117329d008bd99361df68ed12264f1408159b5e60f4a2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bs.serving-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
content-encoding: gzip
x-amz-request-id: XKGM7DVZ7RXAEX0Z
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
content-length: 7545
x-amz-id-2: ii6FZRynNXzCxG3ah5l6+FSCdMjPEClVAJCo5HobmEBuOECJvT175MxRk7LMg5orhBeC4oxMC0M=
last-modified: Wed, 06 Sep 2023 14:35:36 GMT
server: AmazonS3
etag: "01a591a59737ca3d258e74853f9954de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
x-amz-cf-id: 7_ZqSNpCc7tip9Sz56tdgGC68aZ7sjYpuVZCH8zA3zoWF3JMlUt8jA==

GET
H2 200 ebAttribution.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ Frame 23E9 24 KB
8 KB 75ms
18ms Script
application/javascript 193.108.153.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebAttribution.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/BurstingPipe/ActivityServer.bs?cn=as&ActivityID=550371&ifrm=1&rnd=792605
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-28.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 021096b48b7c0d34e117329d008bd99361df68ed12264f1408159b5e60f4a2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bs.serving-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
content-encoding: gzip
x-amz-request-id: XKGM7DVZ7RXAEX0Z
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
content-length: 7545
x-amz-id-2: ii6FZRynNXzCxG3ah5l6+FSCdMjPEClVAJCo5HobmEBuOECJvT175MxRk7LMg5orhBeC4oxMC0M=
last-modified: Wed, 06 Sep 2023 14:35:36 GMT
server: AmazonS3
etag: "01a591a59737ca3d258e74853f9954de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=879
accept-ranges: bytes
x-amz-cf-id: 7_ZqSNpCc7tip9Sz56tdgGC68aZ7sjYpuVZCH8zA3zoWF3JMlUt8jA==

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 05F9
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=65467669184316211842981170000779011768&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=65467669184316211842981170000779011768&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-tU5flt5E2pE8WeX9qI3clAFz06yZL9kV0Y8-~A

42 B
942 B

32ms
31ms

Image
image/gif

34.254.109.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-tU5flt5E2pE8WeX9qI3clAFz06yZL9kV0Y8-~A

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

HTTP/1.1

Server

34.254.109.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-109-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v053-0df895430.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: FIs2F/dwSOU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-tU5flt5E2pE8WeX9qI3clAFz06yZL9kV0Y8-~A
date: Wed, 08 Nov 2023 04:50:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 /
www.google.com/pagead/1p-user-list/788785286/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/788785286/?random=1699419048643&cv=11&fst=1699416000000&bg=ffffff&guid=ON&async=1&gtm=45be3b60&u_w=1600&u_h=1200&url=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&frm=0&tiba=The%20Salvation%20Army%20Western%20Territory&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNLuETrjeO0iwFNbY8an8Xgv2jrq6xdgkodrOlf_0n9s7g_ImW&random=1586595418&rmt_tld=0&ipr=y

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/788785286/ 42 B
154 B 20ms
19ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/788785286/?random=1699419048643&cv=11&fst=1699416000000&bg=ffffff&guid=ON&async=1&gtm=45be3b60&u_w=1600&u_h=1200&url=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&frm=0&tiba=The%20Salvation%20Army%20Western%20Territory&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNLuETrjeO0iwFNbY8an8Xgv2jrq6xdgkodrOlf_0n9s7g_ImW&random=1586595418&rmt_tld=1&ipr=y

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrations Show response
getrockerbox.com/ 42 B
308 B 112ms
112ms Script
text/javascript 172.64.109.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/integrations?source=salvation_army
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.109.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oRDeelzAW09snBQEgYGgYVRiWov2vXgSfmO1F9MARt1249TDfr7EQ8i54ln9EanyfFPiP8rCbwADPUDHBYpFPrTvvaZNU7y0thY2dTuZBmNOVFqFxuriI%2BYL%2BwtNlYiMIUr"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 822b327edd5a9128-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jpuid Show response
getrockerbox.com/ 67 B
432 B 109ms
108ms Script
text/javascript 172.64.109.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/jpuid?jsonp=RB.jsonPUID
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.109.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e0228e3f3eb115d604f65a68c9a1d4747e3877ecddd2b226dbeff45d50a9df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJpim%2FVHlOfJQoosTvGgInNIE4lnV6dsKLuveohLrL3ESRCO4yKADsRZFraG8e8yht8C3iNItbcmfjexM3FSXlnhJrXoqMglk8QkbyvaP8hblMXKCN2miDllr6nBH14WzWGB"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 822b327edd5b9128-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
www.google.com/pagead/1p-user-list/578873086/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/578873086/?random=1699419048720&cv=11&fst=1699416000000&bg=ffffff&guid=ON&async=1&gtm=45be3b60&u_w=1600&u_h=1200&url=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&frm=0&tiba=The%20Salvation%20Army%20Western%20Territory&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN-3zuZM2jBqPZIGKLquRQfiw3wt_9mFFKgjxSrPZKwwfjsiug&random=3927787108&rmt_tld=0&ipr=y

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/578873086/ 42 B
108 B 17ms
17ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/578873086/?random=1699419048720&cv=11&fst=1699416000000&bg=ffffff&guid=ON&async=1&gtm=45be3b60&u_w=1600&u_h=1200&url=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&frm=0&tiba=The%20Salvation%20Army%20Western%20Territory&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN-3zuZM2jBqPZIGKLquRQfiw3wt_9mFFKgjxSrPZKwwfjsiug&random=3927787108&rmt_tld=1&ipr=y

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame F5ED
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210828001828802&referrer=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=7e693bfe-001d-445d-a2b3-ba3a799fcabc%3A1699419048.9338665&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D7e693bfe-001d-445d-a2b3-ba3a799...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7e693bfe-001d-445d-a2...
https://idsync.rlcdn.com/501709.gif?partner_uid=7e693bfe-001d-445d-a2b3-ba3a799fcabc%3A1699419048.9338665&_=1699419048.9367824

0
42 B

17ms
15ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=7e693bfe-001d-445d-a2b3-ba3a799fcabc%3A1699419048.9338665&_=1699419048.9367824
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: FRA56-C2
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=7e693bfe-001d-445d-a2b3-ba3a799fcabc%3A1699419048.9338665&_=1699419048.9367824
content-length: 447
x-amz-cf-id: ADWdkELOq_P83kMUCW8ta-UFHSD9GDYNZg-YSYTS4zumHSUMO-293A==

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame F5ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyODAwMTgyODgwMg==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEN1s0fTwyDN1oO9thRGWtps&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=4c975efd-d604-40a2-b881-9745ac604974%3A1699419049.1425295&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4c975efd-d604-40a2-b881-9745ac6...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D4c975efd-d604-40a2-b8...
https://idsync.rlcdn.com/501709.gif?partner_uid=4c975efd-d604-40a2-b881-9745ac604974%3A1699419049.1425295&_=1699419049.1462352

0
9 B

16ms
16ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=4c975efd-d604-40a2-b881-9745ac604974%3A1699419049.1425295&_=1699419049.1462352
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: FRA56-C2
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=4c975efd-d604-40a2-b881-9745ac604974%3A1699419049.1425295&_=1699419049.1462352
content-length: 447
x-amz-cf-id: cZI9Ej-Qmw3bGnMM1I-lDovNR2bwW934VxMUAd_soeyUARGJFG29Mg==

GET
H2

200

bounce
ib.adnxs.com/ Frame F5ED
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5141210828001828802
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210828001828802

43 B
876 B

16ms
16ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210828001828802

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
an-x-request-uuid: c4b5b4bc-3b0f-4604-b130-bbd46ada648b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.76; 45.141.152.76; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
an-x-request-uuid: 1ca65621-e8b8-4a21-ad2b-b07ad210b619
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210828001828802
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.76; 45.141.152.76; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ibs:dpid=1121&dpuuid=5141210828001828802&redir=
dpm.demdex.net/ Frame F5ED 42 B
942 B 55ms
31ms Image
image/gif 34.254.109.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5141210828001828802&redir=

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.109.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-109-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v053-015a7e810.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: zP/b908HR6k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame F5ED 0
225 B 71ms
13ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5141210828001828802&r=
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 04:50:47 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame F5ED 43 B
264 B 51ms
15ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5141210828001828802&r=
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame F5ED
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5108559730735211994&bid=omt9pi0

0
344 B

38ms
8ms

Image
text/plain

18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5108559730735211994&bid=omt9pi0
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:48 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5108559730735211994&bid=omt9pi0
Date: Wed, 08 Nov 2023 04:50:48 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame F5ED 53 B
616 B 64ms
40ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5141210828001828802

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 04:50:48 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 08 Nov 2023 04:50:48 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame F5ED 43 B
108 B 473ms
253ms Image
image/gif 44.216.205.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5141210828001828802
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.216.205.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-205-237.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:49 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F5ED
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210828001828802&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210828001828802&forward=&C=1

43 B
336 B

24ms
19ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210828001828802&forward=&C=1
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulfIFmUDbqLid9lLZZn%2FjJDZyA4sdCFm9j5q6gmI1OzZhJuV2HCOk6DhLk7tBhjEOTeJbrVmGTJKdLJTKvYlZak2YJexmQ9UpVW5k10vuqmKZHpRUYVoLwtYJpCByQ9gdLdVaafeMRDP5g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 822b327f99fd697b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5utX83dJ%2FTRRzh9Wt0u85yz1kF6F6vO04R8TWublB0j4vUX8olVTXoPwJ0ITdvaJuneaL2Qavbr%2BPxQ7faUuTnLRdePFDl%2BcQqXrBQTEJknaB2xKR8qByVm9QZ6pg0foRErgqTJSQKUQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=5141210828001828802&forward=&C=1
cache-control: no-cache
cf-ray: 822b327f59dc697b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame F5ED 0
42 B 47ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5141210828001828802
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame F5ED 43 B
182 B 221ms
163ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5141210828001828802

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 08 Nov 2023 04:50:49 GMT
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:49 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame F5ED 43 B
174 B 303ms
98ms Image
image/gif 2600:1f18:612b:4280:43c0:214f:6eb7:4a47
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5141210828001828802&r=PVMTpt-lL3yO
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:43c0:214f:6eb7:4a47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 08 Nov 2023 04:50:49 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame F5ED 43 B
377 B 47ms
7ms Image
image/gif 35.156.144.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5141210828001828802
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.144.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-144-148.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F5ED 0
337 B 94ms
28ms Image
text/plain 63.32.86.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5141210828001828802
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.86.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-86-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-served-by: beacon-n022-dub-prod.krxd.net
date: Wed, 08 Nov 2023 04:50:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1699419048
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
x.bidswitch.net/ Frame F5ED 43 B
145 B 26ms
8ms Image
image/gif 3.67.182.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5141210828001828802&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.182.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-182-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame F5ED
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZUsTqAAAAKvqzwN6

42 B
1 KB

15ms
15ms

Image
image/gif

193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZUsTqAAAAKvqzwN6
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682257p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 08 Nov 2023 04:50:48 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230136-FRA
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1699419049.920745,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZUsTqAAAAKvqzwN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 2ECA
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5108559730735211994&bid=omt9pi0

0
344 B

31ms
8ms

Image
text/plain

18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5108559730735211994&bid=omt9pi0
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:48 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5108559730735211994&bid=omt9pi0
Date: Wed, 08 Nov 2023 04:50:48 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 2ECA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZUsTqAAAAKvqzwN6

42 B
964 B

23ms
15ms

Image
image/gif

193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZUsTqAAAAKvqzwN6
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 08 Nov 2023 04:50:48 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230136-FRA
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1699419049.877119,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZUsTqAAAAKvqzwN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 2ECA
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=4f874ded-8ca1-4ba8-b28c-8340d83c9a29%3A1699419049.0743155&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4f874ded-8ca1-4ba8-b28c-8340d83...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D4f874ded-8ca1-4ba8-b2...
https://idsync.rlcdn.com/501709.gif?partner_uid=4f874ded-8ca1-4ba8-b28c-8340d83c9a29%3A1699419049.0743155&_=1699419049.0769165

0
9 B

16ms
15ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=4f874ded-8ca1-4ba8-b28c-8340d83c9a29%3A1699419049.0743155&_=1699419049.0769165
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: FRA56-C2
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=4f874ded-8ca1-4ba8-b28c-8340d83c9a29%3A1699419049.0743155&_=1699419049.0769165
content-length: 447
x-amz-cf-id: jruLT8kyj3k56Lww_Da1i0avlM7QQ8YA-bl-ZQSvhauvWdnTNiOQPQ==

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 2ECA
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMDczNTIxMTk5NA==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEN1s0fTwyDN1oO9thRGWtps&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=ab658341-b82f-42e3-83ba-99c3bb79d0f8%3A1699419049.1415327&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dab658341-b82f-42e3-83ba-99c3bb7...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730735211994&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dab658341-b82f-42e3-83...
https://idsync.rlcdn.com/501709.gif?partner_uid=ab658341-b82f-42e3-83ba-99c3bb79d0f8%3A1699419049.1415327&_=1699419049.1444614

0
9 B

16ms
16ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=ab658341-b82f-42e3-83ba-99c3bb79d0f8%3A1699419049.1415327&_=1699419049.1444614
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: FRA56-C2
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=ab658341-b82f-42e3-83ba-99c3bb79d0f8%3A1699419049.1415327&_=1699419049.1444614
content-length: 447
x-amz-cf-id: EV6S_0dkgWHP6ndF9OtTF5yxJC32eHq5CVi2s9ViZf8NO8vUoS6TvQ==

GET
H2

200

bounce
ib.adnxs.com/ Frame 2ECA
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5108559730735211994
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559730735211994

43 B
886 B

17ms
17ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559730735211994

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
an-x-request-uuid: d6c66dc2-d980-49b6-bf34-1ca2314cc7e2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.76; 45.141.152.76; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
an-x-request-uuid: 5e5518c1-2e33-4756-9c44-7ca9b25f769e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5108559730735211994
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.76; 45.141.152.76; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ibs:dpid=1121&dpuuid=5108559730735211994&redir=
dpm.demdex.net/ Frame 2ECA 42 B
942 B 79ms
32ms Image
image/gif 34.254.109.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559730735211994&redir=

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.109.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-109-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v053-0e75a7507.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 4JUMNuOzQ6s=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 2ECA 0
74 B 61ms
14ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5108559730735211994&r=
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 03:19:47 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 2ECA 43 B
106 B 41ms
16ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5108559730735211994&r=
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 2ECA 53 B
616 B 47ms
33ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5108559730735211994

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 04:50:48 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 08 Nov 2023 04:50:48 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 2ECA 43 B
109 B 324ms
114ms Image
image/gif 44.216.205.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5108559730735211994
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.216.205.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-205-237.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:49 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 2ECA
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559730735211994&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559730735211994&forward=&C=1

43 B
327 B

25ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559730735211994&forward=&C=1
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ask%2FT7ac1KVl3%2FUUtevImoIE%2Bb4rf22cuyQql1cKwjGCW1ePGlHkUUMTzQwsPacg7REJU5quupsZbvbWpklI0vBCLeq2UfYMXxKs0sAdlPUooI%2BnxBLPkGSIFZW2mAuXTHyIO8qwSHvMPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 822b327faa02697b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nsxnFry1fXp5IK%2F09NEKk3aCHF9VTOCgkScmbWbjoAFbSxyWGOP%2Fc8z5pMv5eJcyiX3uZcFu3jCBJvkC4gnyIoyT3uz6iHhchRjooPe99KI0OfbBp4OBECRiTg6B%2FT98ORfmQ67oAp2lA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=5108559730735211994&forward=&C=1
cache-control: no-cache
cf-ray: 822b327f89f2697b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame 2ECA 0
98 B 46ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5108559730735211994
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 2ECA 43 B
182 B 323ms
266ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5108559730735211994

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 08 Nov 2023 04:50:49 GMT
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:49 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame 2ECA 43 B
175 B 300ms
96ms Image
image/gif 2600:1f18:612b:4280:43c0:214f:6eb7:4a47
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5108559730735211994&r=1-twHxlXtDmB
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:43c0:214f:6eb7:4a47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 08 Nov 2023 04:50:49 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 2ECA 43 B
376 B 40ms
8ms Image
image/gif 35.156.144.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5108559730735211994
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.144.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-144-148.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 2ECA 0
339 B 83ms
27ms Image
text/plain 63.32.86.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5108559730735211994
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.86.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-86-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-served-by: beacon-n013-dub-prod.krxd.net
date: Wed, 08 Nov 2023 04:50:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1699419048
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
x.bidswitch.net/ Frame 2ECA 43 B
146 B 29ms
7ms Image
image/gif 3.67.182.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559730735211994&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.182.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-182-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20682259p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 user
bttrack.com/dmp/adobe/ Frame 05F9 35 B
163 B 300ms
97ms Image
image/gif 192.132.33.68
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bttrack.com/dmp/adobe/user?dd_uuid=65467669184316211842981170000779011768

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.68 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

NET-33-132-192.68.bidtellect.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-servername: Track003-iad
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:09 GMT
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: private,no-cache
content-length: 35
expires: -1

GET
H2

200

seg
secure.adnxs.com/
Redirect Chain

https://getrockerbox.com/rb?url=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&action=view&source=salvation_army&rb_source=salvation_army&script_version=xyz.js&sessionId=16d91ad0-0fd7-4df9-b3a8-8aec...
https://secure.adnxs.com/seg?add=9705236

43 B
881 B

17ms
15ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=9705236

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:49 GMT
an-x-request-uuid: 927978ab-a442-416a-aa4d-8851e4f42f9c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.76; 45.141.152.76; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Wed, 08 Nov 2023 04:50:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fD%2BwQ0c7hDUJP1hEtFZwlYAD407M2SnRh0dkG%2B2pcV5D6acaKzDR0vw8d0v57Tm%2FqJk4RPrYw%2Fuzh50MQBLLs0Bz3AUtQCp45d5UYnQU2t7Waa4hMhaDKj%2FodR%2FbYSBlFtZ%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://secure.adnxs.com/seg?add=9705236
cf-ray: 822b327f8d8bbbeb-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 05F9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlVzVHFBQUFBS3ZxendONg==

170 B
243 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlVzVHFBQUFBS3ZxendONg==

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230136-FRA
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1699419049.969931,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlVzVHFBQUFBS3ZxendONg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=130990502032167&ev=PageView&dl=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&rl=&if=false&ts=1699419049034&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699419047308.1795707189&ler=empty&cs_est=true&it=1699419047132&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=8be40c27b48a1f925f34dd8b825d10ea&tm=1&rqm=GET

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 08 Nov 2023 04:50:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 05F9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZUsTqAAAAKvqzwN6&expires=90

0
239 B

34ms
8ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZUsTqAAAAKvqzwN6&expires=90
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230136-FRA
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1699419049.071415,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZUsTqAAAAKvqzwN6&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/ Frame A8CF 510 B
396 B 179ms
178ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox.js?mb=1699419049096&lv=1
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: af596bcd381a888903330dc462699daf8be453f01623d1c6ad8e953b3017e101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:49 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 08 Nov 2023 03:49:16 GMT
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 822b3280ea5d0378-FRA

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 05F9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZUsTqAAAAKvqzwN6

43 B
774 B

26ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZUsTqAAAAKvqzwN6
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJDbpUxYUcuzL8HKZnlV6LgO%2FIxsfWlAxDGgK%2Fh%2FbadDnR9hQUt7jKrV8R3%2BVvYlOvTYErzQS13HCyl6Q2RlXZOYy9ihbTN9JvZEeZkW5oRhS3wuTe7h9rBAu2I0r2VbujR%2FN9kcqBZomg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 822b32816df41909-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

x-served-by: cache-fra-eddf8230136-FRA
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1699419049.177840,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZUsTqAAAAKvqzwN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

setuid
ib.adnxs.com/ Frame 05F9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=ZUsTqAAAAKvqzwN6

43 B
887 B

15ms
14ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=ZUsTqAAAAKvqzwN6

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:49 GMT
an-x-request-uuid: a6b966fa-d562-4990-ac85-70aa1303025e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.76; 45.141.152.76; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230136-FRA
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1699419049.277945,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=ZUsTqAAAAKvqzwN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/ Frame A8CF 764 KB
149 KB 27ms
27ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/user.js?cb=638344662774748477
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox.js?mb=1699419049096&lv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a61d5f5fb83673584bad5639a788ce7c9a98d47035f2c58ab06371b6755cf79e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 04:50:49 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: v7RrjWZT+Dtyhiq+MEAQNQ==
age: 536151
cf-polished: origSize=1243340
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 01 Nov 2023 20:11:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 1538aabd-001e-002b-1e1e-0d6c88000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 822b32821b460378-FRA
expires: Thu, 07 Nov 2024 04:50:49 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 17ms
17ms Stylesheet
text/css 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=638344662742248133
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 04:50:49 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 543866
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: ee0aaac9-c01e-0072-190c-0d690e000000
cache-control: public, max-age=2678400
x-ms-version: 2009-09-19
cf-ray: 822b32829bd90378-FRA
expires: Sat, 09 Dec 2023 04:50:49 GMT

GET
H2 200 z Show response
api.lightboxcdn.com/z9gd/42728/westernusa.salvationarmy.org/jsonp/ 783 B
1 KB 427ms
128ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lightboxcdn.com/z9gd/42728/westernusa.salvationarmy.org/jsonp/z?cb=1699419049379&dre=l&callback=jQuery11240756139360546441_1699419049362&_=1699419049363
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ffebfddd453aec6fbf5bde03036cea682e7a9435fb2104a1e7ef789f6727cc82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:49 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 digibox.gif
www.lightboxcdn.com/z9g/ 35 B
257 B 17ms
16ms Image
image/gif 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/digibox.gif?c=1699419049370&h=westernusa.salvationarmy.org&e=p&u=42728
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 04:50:49 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 541368
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Fri, 02 Dec 2022 00:02:02 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Dec 2022 00:02:38 GMT
server: cloudflare
etag: 0x8DAD3F8864E2F29
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 960e7826-401e-0005-6cd5-31ec4f000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 822b3282abf00378-FRA

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 05F9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUsTqAAAAKvqzwN6

43 B
106 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUsTqAAAAKvqzwN6
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230136-FRA
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1699419049.407789,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUsTqAAAAKvqzwN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK pstats.html Show response
a.rfihub.com/ Frame C81A 26 B
1006 B 16ms
16ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/pstats.html?rb=5041&ca=20682259&ri=bae591ee6b8c67baa322fd8dd4a55215&stats=%7B%2213488%22%3A%22588%2C2%22%2C%2217243%22%3A%2257%2C1%22%2C%2242261%22%3A%2245%2C1%22%2C%2250495%22%3A%22376%2C1%22%2C%2252220%22%3A%2295%2C1%22%2C%2253935%22%3A%2283%2C1%22%2C%2254497%22%3A%22105%2C1%22%2C%2254855%22%3A%2264%2C2%22%2C%2254863%22%3A%22360%2C1%22%2C%2255073%22%3A%2291%2C2%22%2C%2256659%22%3A%22111%2C1%22%2C%2256885%22%3A%2296%2C2%22%2C%2257347%22%3A%22159%2C2%22%2C%2257363%22%3A%2274%2C1%22%2C%2258143%22%3A%2252%2C1%22%2C%2258553%22%3A%22514%2C2%22%2C%2258561%22%3A%22327%2C1%22%7D&ra=2045677471119105
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer: https://westernusa.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 26
Content-Type: text/html;charset=iso-8859-1
Date: Wed, 08 Nov 2023 04:50:49 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK pstats.html Show response
a.rfihub.com/ Frame 782A 26 B
1006 B 15ms
15ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/pstats.html?rb=5041&ca=20682257&ri=02b19945882d5cb0932e76e7fdb2e08e&stats=%7B%2213488%22%3A%22600%2C2%22%2C%2217243%22%3A%2266%2C1%22%2C%2242261%22%3A%2254%2C1%22%2C%2250495%22%3A%22284%2C1%22%2C%2252220%22%3A%2296%2C1%22%2C%2253935%22%3A%2262%2C1%22%2C%2254497%22%3A%22115%2C1%22%2C%2254855%22%3A%2274%2C2%22%2C%2254863%22%3A%22371%2C1%22%2C%2255073%22%3A%22102%2C2%22%2C%2256659%22%3A%22122%2C1%22%2C%2256885%22%3A%22107%2C2%22%2C%2257347%22%3A%22169%2C2%22%2C%2257363%22%3A%22119%2C1%22%2C%2258143%22%3A%2268%2C1%22%2C%2258553%22%3A%22394%2C2%22%2C%2258561%22%3A%22478%2C1%22%7D&ra=6433880116226596
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer: https://westernusa.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 26
Content-Type: text/html;charset=iso-8859-1
Date: Wed, 08 Nov 2023 04:50:49 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 05F9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZUsTqAAAAKvqzwN6

0
74 B

15ms
14ms

Image
text/html

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZUsTqAAAAKvqzwN6
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 04:50:48 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-fra-eddf8230136-FRA
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1699419050.511904,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZUsTqAAAAKvqzwN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 main.css
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/ Frame 25A7 1 MB
145 KB 63ms
44ms Stylesheet
text/css 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css

Requested by

Host: give-usw.salvationarmy.org
URL: https://give-usw.salvationarmy.org/give/506522/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18956d2f9cb5d2e24a34b58e390cd121dfb8d650507a1d1ca30d5ad5e3bb9be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: VX804XEE2AVQRCD1
age: 12720
cf-polished: origSize=1145155
x-amz-server-side-encryption: AES256
x-amz-id-2: vM2MzWOlbOS74MFr85bNUKaR9+KiKU+0HNHUFsscqsB+lDenJ06LwaMUsjJltW9KmvQv7o98t6k=
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 01:07:53 GMT
server: cloudflare
etag: W/"55e5d67c21bf2bccf9bc1a71bd12299f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 822b3283cf4a5d80-FRA

GET
H2 200 ddplugin.css
files.doublethedonation.com/app/ Frame 25A7 141 KB
17 KB 136ms
16ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.css
Requested by: Host: give-usw.salvationarmy.org
URL: https://give-usw.salvationarmy.org/give/506522/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48D9) /
Resource Hash: 60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 04:50:49 GMT
content-encoding: gzip
content-md5: ZRi6wreqb8lyrsIdYQAn/Q==
age: 3118
x-cache: HIT
content-length: 16794
x-ms-lease-status: unlocked
last-modified: Mon, 06 Nov 2023 23:21:44 GMT
server: ECAcc (ama/48D9)
etag: 0x8DBDF1F24179836
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-ms-request-id: f3788510-b01e-006f-3af7-114ff4000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Wed, 08 Nov 2023 05:50:49 GMT

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 25A7 131 KB
45 KB 73ms
9ms Script
application/javascript 2600:9000:2250:1a00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: give-usw.salvationarmy.org
URL: https://give-usw.salvationarmy.org/give/506522/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:1a00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

76164d9d399c8baca4656cd791982fdbd043413f39cf1a56c2d36c12ceb0b7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:49 GMT
content-encoding: br
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: _xWVkcdUXlV60sQk3dmXBd1reRQgxEJ_cBomRtT-0EzXE10FCLaUQg==
x-xss-protection: 1; mode=block

GET

partner
sync.search.spotxchange.com/ Frame 05F9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZUsTqAAAAKvqzwN6&img=1

0
0

GET
H2 200 rocket-loader.min.js Show response
give-usw.salvationarmy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 25A7 12 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give-usw.salvationarmy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: give-usw.salvationarmy.org
URL: https://give-usw.salvationarmy.org/give/506522/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/give/506522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 27 Oct 2023 14:30:26 GMT
server: cloudflare
content-encoding: gzip
etag: W/"653bc982-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 822b32848d5d9b86-FRA
expires: Fri, 10 Nov 2023 04:50:49 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 25A7 20 KB
7 KB 67ms
42ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: give-usw.salvationarmy.org
URL: https://give-usw.salvationarmy.org/give/506522/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://give-usw.salvationarmy.org/
Origin: https://give-usw.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:49 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 822b3284bbaf8fdd-FRA

GET
H2 404 fontello.css
files.doublethedonation.com/fontello/css/ Frame 25A7 0
0 364ms
363ms Stylesheet
application/xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/fontello/css/fontello.css
Requested by: Host: files.doublethedonation.com
URL: https://files.doublethedonation.com/app/ddplugin.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://files.doublethedonation.com/app/ddplugin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 08 Nov 2023 05:50:50 GMT
x-ms-request-id: 11c7a2a8-d01e-0024-6dff-11b3a7000000
date: Wed, 08 Nov 2023 04:50:49 GMT
cache-control: max-age=3600
server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
content-length: 223
content-type: application/xml

GET
H3

200

b.php
www.facebook.com/fr/ Frame 05F9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZUsTqAAAAKvqzwN6&t=2592000&o=0

43 B
155 B

46ms
45ms

Image
image/gif

2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZUsTqAAAAKvqzwN6&t=2592000&o=0

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:50:49 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: public
x-fb-debug: ezRCW8B+ddfq7xxW6mtZC8sxBIwbcVWIFKex4rcUJFzfIPjFydGqZmU091k71oLmGmvsYpTokybPEzfgCY/shg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Tue, 07 Nov 2023 20:50:49 PST

Redirect headers

x-served-by: cache-fra-eddf8230136-FRA
pragma: no-cache
date: Wed, 08 Nov 2023 04:50:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1699419050.714082,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZUsTqAAAAKvqzwN6&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 settings.js Show response
www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox/c3d4a7c3-29af-440f-8f7e-e98ac184d7aa/ 5 KB
4 KB 658ms
657ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox/c3d4a7c3-29af-440f-8f7e-e98ac184d7aa/settings.js?cb=638344662742248133
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f48b18eba5c5ec4fb95b04ea9c52b17cbc28b88c059f3df1ecbfb65518368e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 04:50:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 Oct 2023 03:06:57 GMT
server: cloudflare
content-md5: 4Yq3cMkSDkT10Q1ROPm5uw==
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 1c07b702-b01e-0076-34ff-119c8c000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 822b3285be280378-FRA
expires: Thu, 07 Nov 2024 04:50:50 GMT

GET
H2 200 lightbox_builder.js Show response
www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/ Frame E124 401 KB
60 KB 24ms
23ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox_builder.js?cb=638344662742248133
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/user.js?cb=638344662774748477
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea8835a6b10ad3297c12e2d6253d513568255c5a1e3599d620cbb54cb0049413

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 04:50:49 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: vCSIFWqPCTkf2MU0LGn8VQ==
age: 536111
cf-polished: origSize=665382
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 01 Nov 2023 20:11:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 6ea23e0e-a01e-0004-391e-0dedb2000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 822b3285be340378-FRA
expires: Thu, 07 Nov 2024 04:50:49 GMT

GET
H2 200 xdi.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 25A7 26 KB
12 KB 31ms
16ms Script
text/javascript 2600:9000:2250:1a00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/xdi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:1a00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9669a10126dc3af0dfb585a7d1f1359638262289968aa7c202ad70de3371f073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give-usw.salvationarmy.org/
Origin: https://give-usw.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 2HwkiXQectHLaswMS7GXtsj7Fj29XM2H
content-encoding: gzip
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 03:08:30 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 6156
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"00c3b072683167edc19c510fffec8e50-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: 43kbif2nqfhM23bcW3vWd9v1bP7ubC809JWIoEdNtbivjBHm4ezNtA==

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 25A7 267 KB
77 KB 14ms
7ms Script
text/javascript 2600:9000:2250:1a00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:1a00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give-usw.salvationarmy.org/
Origin: https://give-usw.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: pGLiXkBTZEwR1GE0xA6XjctsUE08zxMZ
content-encoding: gzip
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
date: Tue, 07 Nov 2023 08:17:31 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 77993
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fc84468acd1aa46963b34967f73979cb-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: el7QVG7o_moyZg8iPJ7FnspolS2vLnrcjOgA6QvHlQTbEHPj1RFLVA==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 25A7 46 KB
17 KB 27ms
21ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

74c429a7c2089c98a0fb60009f59018e1fef3c4956309bd2b5d48c2307798133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16825
x-xss-protection: 0
server: cafe
etag: 12291670626195162658
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 04:50:50 GMT

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ Frame 25A7 19 KB
5 KB 515ms
124ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:49 GMT
last-modified: Tue, 07 Nov 2023 16:58:42 GMT
etag: "08d5ea99b11da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4905
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ Frame 25A7 7 KB
3 KB 53ms
19ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:50 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 515551
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HE78M6B9WHBGGSFEP8S15WT6-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 822b32876b5b9113-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/donation/ Frame 25A7 184 KB
38 KB 31ms
30ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0de2cb4c9ce1677fba9438fca34d6b47936aed59f13069495765343e859578cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:53 GMT
server: cloudflare
x-amz-request-id: MPNRDDJZWDHJ7AZ0
age: 3001
etag: W/"089b8a713fff449a3d5d50ad1c44b6b9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 822b328739c45d80-FRA
x-amz-id-2: ItX2/zZ2C5tsSm90S3KSb7gasQve2FICM8j0CgoqhSX71DY3sBL+0CNg7C3XWZpuabHum5uwfRc=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/ Frame 25A7 2 MB
387 KB 49ms
48ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38fb913bc8a440947a0a4605ceac8b470899ade135151adefe63efa150810ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: STEGS4RZR2MJN60M
age: 12695
etag: W/"0c27168ea89a2ca7b04c8e7c8a5b75d3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 822b328739c55d80-FRA
x-amz-id-2: FUfsTb5RcsbKrVnlBbZJMhwzqNf8eHFy8io5NLkr+N45SM4fotWWGuSD+4i1X+oUNdcZlRClxZQ=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/ Frame 25A7 1 MB
429 KB 41ms
41ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: MQK9RDJ0313MTY4Q
age: 12746
etag: W/"89ff3b468454fac32729fc74e3c9be17"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 822b328739c65d80-FRA
x-amz-id-2: UF7lRKhj/r6XQ8SKufrJezF9in1nXZeOWZqrrQe4tQYy13nUY2W6fFqY53KbsOe2/Is8a/kUlNk=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame 25A7 143 KB
43 KB 59ms
33ms Script
application/javascript 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d91d7fd9c0611ab9052a2124103f31709e6ac6609b159669d315c5f0fe16604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 16:16:44 GMT
x-amz-version-id: XJ6iXoa3EjUi7j7TbLm3UWuIj8Y_gOQp
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-request-id: V4F20ZMPXG9XF1C3
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
age: 45247
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: 2kdS6MVQrr3Qg5yLLLZuk8doV8Je/VNr9vZavYnYcfx0l+3e4xsfYBQpSHigYKYjQMzfbizHkZc=
last-modified: Tue, 07 Nov 2023 16:04:32 GMT
server: AmazonS3
etag: W/"76e58bb89a40485135048833c39782c2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: tXiPjBodcDRHDY0ecpeehsscYBmRMne9qpSHUhWB21RG0Us5HY7wPg==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 25A7 552 KB
153 KB 40ms
6ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0524593c51d313589e0e8e8a8b069c1c7ecc5dc94a2c59dd2809b0e326d407f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:50 GMT
via: 1.1 varnish
age: 50
x-cache: HIT
content-length: 156099
x-request-id: 3237d433-5975-441b-acfa-cc5742c9a48f
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Tue, 07 Nov 2023 21:59:00 GMT
server: Fastly
etag: "7b44d268e0c6393b9663b52a3c1d850a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 ddplugin.js Show response
files.doublethedonation.com/app/ Frame 25A7 450 KB
116 KB 16ms
16ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48C3) /
Resource Hash: 0edf8bc8c6df3c99cc8b025fe674ca0cf1f515459ea160d4a39942bb80988f48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 04:50:50 GMT
content-encoding: gzip
content-md5: PjbR72YH56HH6wNQ6eeAfg==
age: 3115
x-cache: HIT
content-length: 118376
x-ms-lease-status: unlocked
last-modified: Mon, 06 Nov 2023 23:21:44 GMT
server: ECAcc (ama/48C3)
etag: 0x8DBDF1F24246784
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ms-request-id: d24fd3a5-101e-0066-6af7-110a27000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Wed, 08 Nov 2023 05:50:50 GMT

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 25A7 15 KB
4 KB 8ms
8ms Stylesheet
text/css 2600:9000:2250:1a00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:1a00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: JWSMp_NTaRFeSeqpmxFPkel0LiL4cMwY
content-encoding: gzip
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 02:09:22 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 9689
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fb3f2afd9f46893bb196329ab90276a6-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: sdr70WnH1CkphJtTA-FN6AXdMI4GZAkRCf0jt0qfFG9VwkvuLoSWfw==

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ Frame 25A7 8 KB
3 KB 10ms
7ms Fetch
application/json 2600:9000:2250:1a00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:1a00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: Pw3hE5sAYQ0kvHESktDQjUKbfeKteOb6
content-encoding: gzip
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 02:12:10 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 13138
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"ecabc5423541bd640b7f7a45cb696671-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: 5El4ejq9mrPtC--GcbdfDdsRjJvYdgd5nbyxFPeCsKAnCK1EDH0u-Q==

GET
H2 200 lightbox_inline.js Show response
www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/ Frame 25A7 2 KB
1 KB 18ms
15ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox_inline.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51864fe340507c4ba2adac9014f53d4ad5d0df17a9127a898c9ed6f1c1d1f3ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 04:50:50 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: LHj7JB5D8hMq0oc8oGwFXQ==
age: 1
cf-polished: origSize=2532
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 01 Nov 2023 20:11:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 74ea5712-e01e-0047-091e-0dc75b000000
x-ms-version: 2009-09-19
cf-ray: 822b32879fa80378-FRA

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/ Frame DAF8 501 B
378 B 20ms
19ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox.js?mb=1699419050309&lv=1
Requested by: Host: give-usw.salvationarmy.org
URL: https://give-usw.salvationarmy.org/give/506522/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 20ef4da1f52e644b33db950ccecc1b6bf03458916dcaaed3ace197a2a4f46838

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:50 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 08 Nov 2023 04:50:49 GMT
server: cloudflare
age: 1
cf-polished: origSize=510
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 822b328888aa0378-FRA

GET
H2 200 sdk.js Show response
give-usw.salvationarmy.org/sso/ Frame 25A7 26 KB
7 KB 515ms
515ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give-usw.salvationarmy.org/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/give/506522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 08 Nov 2023 03:50:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 822b328908d19b86-FRA
expires: Wed, 08 Nov 2023 05:10:50 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/ Frame DAF8 764 KB
149 KB 25ms
24ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/user.js?cb=638344662774748477
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox.js?mb=1699419050309&lv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a61d5f5fb83673584bad5639a788ce7c9a98d47035f2c58ab06371b6755cf79e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 04:50:50 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: v7RrjWZT+Dtyhiq+MEAQNQ==
age: 536152
cf-polished: origSize=1243340
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 01 Nov 2023 20:11:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 1538aabd-001e-002b-1e1e-0d6c88000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 822b3289392c0378-FRA
expires: Thu, 07 Nov 2024 04:50:50 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ Frame 25A7 4 KB
1 KB 18ms
18ms Stylesheet
text/css 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=638344662742248133
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 04:50:50 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 543867
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: ee0aaac9-c01e-0072-190c-0d690e000000
cache-control: public, max-age=2678400
x-ms-version: 2009-09-19
cf-ray: 822b328989780378-FRA
expires: Sat, 09 Dec 2023 04:50:50 GMT

GET
H2 200 z Show response
api.lightboxcdn.com/z9gd/42728/give-usw.salvationarmy.org/jsonp/ Frame 25A7 780 B
1 KB 469ms
468ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lightboxcdn.com/z9gd/42728/give-usw.salvationarmy.org/jsonp/z?cb=1699419050488&dre=l&callback=jQuery112404680537178926747_1699419050477&_=1699419050478
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 53571fa31734f289b8f3e225856451f4381c65b626a089a445ed0c946050e1cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:50 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 digibox.gif
www.lightboxcdn.com/z9g/ Frame 25A7 35 B
105 B 18ms
17ms Image
image/gif 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/digibox.gif?c=1699419050480&h=give-usw.salvationarmy.org&e=p&u=42728
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 04:50:50 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 541369
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Fri, 02 Dec 2022 00:02:02 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Dec 2022 00:02:38 GMT
server: cloudflare
etag: 0x8DAD3F8864E2F29
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 960e7826-401e-0005-6cd5-31ec4f000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 822b3289997e0378-FRA

GET
H2 200 inspectlet.js Show response
cdn.inspectlet.com/ 188 KB
63 KB 433ms
397ms Script
text/javascript 2606:4700:10::6816:38f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inspectlet.com/inspectlet.js
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:38f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d554121551df68e414c85920b6541d2e92251a189ff19a4b1f8dffe97ce1cb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:50 GMT
via: 1.1 vegur
content-encoding: gzip
cf-cache-status: EXPIRED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Wed, 08 Nov 2023 04:49:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1699419050&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=XaXKVKsdxiLnlRT25Ba9dZlhKP6k7TQA3RAY9QdB2PI%3D"}]}
content-type: text/javascript;charset=UTF-8
cache-control: s-maxage=60, max-age=14400
cf-ray: 822b328a09333733-FRA
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1699419050&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=XaXKVKsdxiLnlRT25Ba9dZlhKP6k7TQA3RAY9QdB2PI%3D

GET
H2 200 gaf623xb Show response
widget.intercom.io/widget/ 7 KB
3 KB 437ms
401ms Script
application/javascript 13.224.189.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/gaf623xb
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-49.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38a2ed6ef60ea7adec370944bb5d5fb1a60a18caa0366facd4626bf7b8eabfd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: ETGnbZH9RY1OZv0oFiKqc9wiX_pmc2uw
content-encoding: gzip
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:40:05 GMT
x-amz-cf-pop: FRA2-C1
age: 646
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2705
last-modified: Tue, 07 Nov 2023 10:58:09 GMT
server: AmazonS3
etag: "a9fecd03515c39dac3b772d9dae3bafd"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: 9X9ja_VNX2iC9TfLx7nqgxdLUhNBMn3TTvXc_tXYanGvmkt-qeYPLQ==

GET
H2 200 nr-spa-1209.min.js Show response
js-agent.newrelic.com/ 42 KB
17 KB 27ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1209.min.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: KgzCtiOnqYr340UnH7uEeaW1TwZyFYCF
content-encoding: br
via: 1.1 varnish
date: Wed, 08 Nov 2023 04:50:50 GMT
strict-transport-security: max-age=300
x-amz-request-id: 32QZSKD5VF2VNXPQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16548
x-amz-id-2: /+rpnOzBsmtb1kui1VZaHii0qVVn46+VOAmuTtP7Xhmr36g4fn/d/ewOXfdcHSNWx7T8Jf/+CfU=
x-served-by: cache-fra-eddf8230050-FRA
last-modified: Wed, 18 Oct 2023 21:31:08 GMT
server: AmazonS3
x-timer: S1699419051.552259,VS0,VE0
etag: "0a1d4ac0ed6107cdf844f28cc3ba3b82"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 30506

GET
H/1.1 200
OK eb9cc856fc Show response
bam-cell.nr-data.net/1/ 56 B
954 B 737ms
641ms Script
text/javascript 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/eb9cc856fc?a=2793967&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=5185&ck=1&ref=https://westernusa.salvationarmy.org/&be=1955&fe=5152&dc=2244&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1699419045377,%22n%22:0,%22f%22:1065,%22dn%22:1122,%22dne%22:1122,%22c%22:1122,%22s%22:1221,%22ce%22:1324,%22rq%22:1324,%22rp%22:1427,%22rpe%22:1528,%22dl%22:1433,%22di%22:2194,%22ds%22:2195,%22de%22:2248,%22dc%22:5151,%22l%22:5151,%22le%22:5160%7D,%22navigation%22:%7B%7D%7D&fp=3216&fcp=3216&ja=%7B%22symphony_environment%22:%22prod%22,%22symphony_version%22:%222023.2.1%22,%22symphony_territory%22:%22USW%22,%22symphony_conductor%22:%22usw_conductor%22,%22symphony_space%22:%22public%22%7D&jsonp=NREUM.setToken
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bdeba67a5e0f64db65210a03aa5c808e21ec02a5cff47bce7611b6ade9ee9e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:51 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJXe4AVNOseSqZ8S6Fafzq3QkJkfWE3uyE6IxeP3YlQzq18%2FW1aIKkXES7GGhsBO0WDFq3qPmfQJNHcC59Uqk21k%2BM2Q%2Fy890UjA%2FNI7XKof65ADHO0M8a92QQaHk8FXlXBgZQen"}],"group":"cf-nel","max_age":604800}
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 822b328aabe94d82-FRA

GET
H/1.1 200
OK ee490239-078f-4772-aeb4-26896233d109_homeless-thq.jpg
s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ 148 KB
149 KB 175ms
175ms Image
image/jpeg 52.219.117.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/usw-cache.salvationarmy.org/ee490239-078f-4772-aeb4-26896233d109_homeless-thq.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.117.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 82879e61c44184d28de17b6e3b0fe128cac726acda877c0e50010f9941a73549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Wed, 08 Nov 2023 04:50:51 GMT
x-amz-meta-owningsiteid: 8a8080ce549b443701549be707450033
Last-Modified: Sat, 23 Sep 2023 16:46:53 GMT
Server: AmazonS3
x-amz-request-id: 8KYPCSJWNNKEN600
ETag: "14599e219c941f0592bd5b2d87793ec5"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 151868
x-amz-id-2: a9QFrIj51UsH7xIqzPwNm506mOKZ+96IXpF6YFUAJ7lDBhfwGm580x5TA9IGA3O3OD36tfs+zU0=
Expires: Sat, 23 Sep 2023 16:46:55 GMT

GET
H2 200 localneeds-1.svg
westernusa.salvationarmy.org/templates/symphony/static_resources/images/stripeImages/ 13 KB
4 KB 129ms
129ms Image
image/svg+xml 3.234.103.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://westernusa.salvationarmy.org/templates/symphony/static_resources/images/stripeImages/localneeds-1.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.103.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-103-103.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fa9b0ac404e1f90eb189ad43089e1b0422b86ee30b831cafd7c560c262653d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Wed, 01 Nov 2023 10:21:18 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"13519-1698834078000"
x-frame-options: DENY
content-type: image/svg+xml
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 3882
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 43e13eaf-4d2e-4cb3-8ecf-5d924f62134f.css
s3.lightboxcdn.com/custom_fonts/ Frame E124 1 KB
510 B 34ms
16ms Stylesheet
text/css 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.lightboxcdn.com/custom_fonts/43e13eaf-4d2e-4cb3-8ecf-5d924f62134f.css?cb=638344662742248133
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox_builder.js?cb=638344662742248133
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88e781cd1341d2c8bdce2969d4e478c9fcb1e91c54de6777ad1b38b5ed684693

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:50 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: AXP1PP5123NH1KG6
age: 536109
cf-polished: origSize=1295
x-amz-id-2: rP3kQdNrWKVqlp+FHBC6IIMDP8j4AhqLbcOdBKqdy6UqgY/GNJNOSAnwkyww+c7KDp6F+moETo4=
cf-bgj: minify
last-modified: Wed, 24 Mar 2021 21:47:24 GMT
server: cloudflare
etag: W/"2628a86362c1a166cc3f1cae5495c199"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 822b328a6a4a0378-FRA
expires: Thu, 07 Nov 2024 04:50:50 GMT

GET
H2 200 2d708ca6-e405-4ed6-8d00-16433cc5586f.css
s3.lightboxcdn.com/custom_fonts/ Frame E124 224 B
408 B 41ms
22ms Stylesheet
text/css 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.lightboxcdn.com/custom_fonts/2d708ca6-e405-4ed6-8d00-16433cc5586f.css?cb=638344662742248133
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/lightbox_builder.js?cb=638344662742248133
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda2e699eb4dc72e220cc7f9fa6b9ab40a2a6c2b719f7f8960ca28b0c171bfdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:50 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 34F3XHHAXMZHY6GR
age: 7280
cf-polished: origSize=243
x-amz-id-2: 1RWHINR7jFShp6F879zAJKc5S0eB5MeryQIDtyBIYR77LZNAlj9HUL89O6Tpfzf7qZZlxgtw50U=
cf-bgj: minify
last-modified: Thu, 21 Nov 2019 21:39:08 GMT
server: cloudflare
etag: W/"9b551485650112982e24299dc24de5ec"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 822b328a6a4d0378-FRA
expires: Thu, 07 Nov 2024 04:50:50 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame EEB9 200 B
817 B 8ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give-usw.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5210772
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 04:50:50 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 242378
x-content-type-options: nosniff
x-request-id: 0768bc0f-edcd-44c4-9e51-f65a5c57d1b2
x-served-by: cache-fra-eddf8230113-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 25A7 993 B
778 B 29ms
28ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9f8a2c12a04d9ac4408a2e31569abedeac96e4817b3e3b25e10a80cff9fc200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 08 Nov 2023 04:50:50 GMT

POST
H2 204 rum Show response
give-usw.salvationarmy.org/cdn-cgi/ Frame 25A7 0
173 B 16ms
15ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give-usw.salvationarmy.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-077273fe9c5b0020----1699419050842
traceparent: 00-acb3b2ebe86609e449fbd75dbde71a00-077273fe9c5b0020-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwNzcyNzNmZTljNWIwMDIwIiwidHIiOiJhY2IzYjJlYmU4NjYwOWU0NDlmYmQ3NWRiZGU3MWEwMCIsInRpIjoxNjk5NDE5MDUwODQyfX0=
content-type: application/json
Referer: https://give-usw.salvationarmy.org/give/506522/

Response headers

date: Wed, 08 Nov 2023 04:50:50 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give-usw.salvationarmy.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 822b328bcb379b86-FRA

GET
H2 200 channels Show response
give-usw.salvationarmy.org/frs-api/campaigns/506522/ Frame 25A7 1 KB
694 B 461ms
461ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give-usw.salvationarmy.org/frs-api/campaigns/506522/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b41fb472cf4193e4954709108b884e125d14c8baa56bc0cf6b61fcc46ec0469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: rssgrK8V-df8fL8l2GFQgQVUtkPeXcqwa3WA
tracestate: 423787@nr=0-1-423787-363751183-3c698f228c929967----1699419050845
traceparent: 00-a7b4b7258dc4c88f48bacd4bfff64900-3c698f228c929967-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzYzY5OGYyMjhjOTI5OTY3IiwidHIiOiJhN2I0YjcyNThkYzRjODhmNDhiYWNkNGJmZmY2NDkwMCIsInRpIjoxNjk5NDE5MDUwODQ1fX0=
Accept: application/json, text/plain, */*
csrf-token: rssgrK8V-df8fL8l2GFQgQVUtkPeXcqwa3WA
Referer: https://give-usw.salvationarmy.org/give/506522/

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"40f-mH/qraYlUGtljWnKZe9X51CNO5U"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 822b328bdb399b86-FRA

GET
H2 200 tax-entities Show response
give-usw.salvationarmy.org/frs-api/organizations/16975/ Frame 25A7 629 B
388 B 446ms
446ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give-usw.salvationarmy.org/frs-api/organizations/16975/tax-entities

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

188b23f9668ddaf7cdc2fb113094d87bc2584dfa5aa7542cc51393275e064d10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: rssgrK8V-df8fL8l2GFQgQVUtkPeXcqwa3WA
tracestate: 423787@nr=0-1-423787-363751183-8c659d980c1139f6----1699419050897
traceparent: 00-0e186989aa27a3a5d01c21b316149400-8c659d980c1139f6-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4YzY1OWQ5ODBjMTEzOWY2IiwidHIiOiIwZTE4Njk4OWFhMjdhM2E1ZDAxYzIxYjMxNjE0OTQwMCIsInRpIjoxNjk5NDE5MDUwODk3fX0=
Accept: application/json, text/plain, */*
csrf-token: rssgrK8V-df8fL8l2GFQgQVUtkPeXcqwa3WA
Referer: https://give-usw.salvationarmy.org/give/506522/

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"275-CVeNP4sFCKuVate8Nj114d1zRzM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 822b328c2b6b9b86-FRA

GET
H2 200 ach-account-routing Show response
give-usw.salvationarmy.org/frs-api/organizations/16975/ Frame 25A7 32 B
167 B 414ms
414ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give-usw.salvationarmy.org/frs-api/organizations/16975/ach-account-routing

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ca9d31f3f621954176f2af3955d7b2f691fde115dee35b03fdec5eb889209e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: rssgrK8V-df8fL8l2GFQgQVUtkPeXcqwa3WA
tracestate: 423787@nr=0-1-423787-363751183-6732230f71cdc08a----1699419050996
traceparent: 00-e339c3c8288507b07ea1392a5418a900-6732230f71cdc08a-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2NzMyMjMwZjcxY2RjMDhhIiwidHIiOiJlMzM5YzNjODI4ODUwN2IwN2VhMTM5MmE1NDE4YTkwMCIsInRpIjoxNjk5NDE5MDUwOTk2fX0=
Accept: application/json, text/plain, */*
csrf-token: rssgrK8V-df8fL8l2GFQgQVUtkPeXcqwa3WA
Referer: https://give-usw.salvationarmy.org/give/506522/

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"20-IrwpdIgvwDw+aj4yRYzT7Xca9EM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 822b328ccbd49b86-FRA
content-length: 32

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/ Frame 25A7 394 B
716 B 31ms
30ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: 0PP0SFMKJMT451Z1
age: 335
cf-polished: origFmt=png, origSize=547
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: cOpYdLQNGXLiGmvYEjKM17mtvUsR2LBdCUlo57cnxzkYvpYXMTsAVy1HkdY+K6nLDI4UuvuT/2U=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 822b328cedfe5d80-FRA

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/fonts/ Frame 25A7 42 KB
43 KB 52ms
32ms Font
application/x-font-woff 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5013720a1091644b368a9265d4c42b174b4536b40bf423f95ffc38f8ad1fe1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css
Origin: https://give-usw.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: HZT7M2GF43V17F9C
age: 26204
x-amz-server-side-encryption: AES256
content-length: 43184
x-amz-id-2: Roh+gQudgIwUbFuoL+3dwrQwFNIp0FX4DHAh4T8Vv/mwTjaXIq/fbgDW2lwTywAg2mOY6iODVZ44y8cu/FPePXHQ0JUNR9zuirCvla/l3Vs=
last-modified: Fri, 03 Nov 2023 01:07:53 GMT
server: cloudflare
etag: "c16dd065e52479f3eb570bada1ac44a0"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 822b328d0b7e1e20-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/fonts/ Frame 25A7 65 KB
66 KB 53ms
33ms Font
binary/octet-stream 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css
Origin: https://give-usw.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: HZT14TZ9XB3EYG6X
age: 26204
x-amz-server-side-encryption: AES256
content-length: 66624
x-amz-id-2: QStCtS2HvIcov/4dtCim2uWG640GqBOgGNvpal177wb0ffG+tOC+3lsTJe6OVZnYO9+ScPVNmbxLhgy2iRHcn/8TvePqFEDrtULBdqAWx5k=
last-modified: Fri, 03 Nov 2023 01:07:53 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 822b328d0b801e20-FRA

GET
H2 200 currency-conversions Show response
give-usw.salvationarmy.org/frs-api/i18n/ Frame 25A7 75 B
211 B 393ms
393ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give-usw.salvationarmy.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab2f0ecefec4b6679dda1810fc08c8e1f8f930436753344f20b55928230a963b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: rssgrK8V-df8fL8l2GFQgQVUtkPeXcqwa3WA
tracestate: 423787@nr=0-1-423787-363751183-2b5c6e242a950909----1699419051050
traceparent: 00-503dbd1bb56d8d3d8d613fc66bc72c00-2b5c6e242a950909-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyYjVjNmUyNDJhOTUwOTA5IiwidHIiOiI1MDNkYmQxYmI1NmQ4ZDNkOGQ2MTNmYzY2YmM3MmMwMCIsInRpIjoxNjk5NDE5MDUxMDUwfX0=
Accept: application/json, text/plain, */*
csrf-token: rssgrK8V-df8fL8l2GFQgQVUtkPeXcqwa3WA
Referer: https://give-usw.salvationarmy.org/give/506522/

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-iPgZxI4H/H2aB/vS6w3kW8T7Cu4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 822b328d1c1e9b86-FRA

GET
H2 200 plaid Show response
pay.classy.org/token/ Frame 25A7 88 B
613 B 417ms
398ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=4815&currency=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give-usw.salvationarmy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 553f0763-ecda-4474-afb4-afc1f4300114
cf-ray: 822b328d4bb11e20-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 user-icon.png
give-usw.salvationarmy.org/static/global/images/ Frame 25A7 2 KB
2 KB 43ms
42ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give-usw.salvationarmy.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/give/506522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 5213146
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Thu, 31 Aug 2023 23:25:32 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "64f1216c-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 822b328d5c599b86-FRA
expires: Sat, 07 Sep 2024 20:45:05 GMT

GET
H2 200 embedded-giving-logo-visa.svg
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/ Frame 25A7 1 KB
925 B 33ms
32ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/embedded-giving-logo-visa.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: DZHY09J14C7D42DB
age: 12622
etag: W/"b327a8825ae28019462c8c3f5b4770c0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 822b328d5e445d80-FRA
x-amz-id-2: IKlLrim5N53d4cbMxRJZ6ZSylBa4oPPimX1gREa064qSDNF9Q8uzbWsGeHoLP8H+emXRDeZyPRI9nzlzOq4cur6PFWC2yf9UipWa1EQ0yp8=

GET
H2 200 embedded-giving-logo-amex.svg
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/ Frame 25A7 1 KB
812 B 41ms
40ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/embedded-giving-logo-amex.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: PMTYJ3SR05N6G1A4
age: 10912
etag: W/"0b1b4bc87aebc780d3ad6095fd447a24"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 822b328d5e455d80-FRA
x-amz-id-2: X6ZzAKjdVNPn4r/H6CyUvuPsAmCOjd3ycCqqVBWPH/WJZDbZL1EX4Cz0s0a6yZ3GhcyICSg+nlI=

GET
H2 200 embedded-giving-logo-discover.svg
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/ Frame 25A7 3 KB
1 KB 23ms
22ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/embedded-giving-logo-discover.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: 7GSTAPAGSSRCHGD1
age: 1428
etag: W/"d51cee8f590a54e755ac3501c1bd7342"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 822b328d5e475d80-FRA
x-amz-id-2: Hjn5MQyjOmDbm5XINMJ4+VvVWSNzUyGMDqIAI4cJrbUonggA9veMRLV5WfP7sNc/zXpFGkHaMLQ=

GET
H2 200 embedded-giving-logo-mastercard.svg
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/ Frame 25A7 1 KB
690 B 29ms
28ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/embedded-giving-logo-mastercard.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: PMTJ9WFJKMPFKECT
age: 10912
etag: W/"26fb3de4519ed38ceec90bc98250ba1f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 822b328d5e485d80-FRA
x-amz-id-2: w6cdLi6De/R+/AdD5ixMljWy9X7lPN2zNX+iHU5QZPWJct1IbeFYWYuTNKRNQhfACoJiWT2BdxQ=

GET
H2 200 embedded-giving-shield-icon.svg
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/ Frame 25A7 6 KB
2 KB 31ms
30ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/embedded-giving-shield-icon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: 6B0KNGH16QZZXKHK
age: 10912
etag: W/"46fd834e95514def799fa0626c78233c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 822b328d5e495d80-FRA
x-amz-id-2: Sg5FIfCnJ6u/yIxZjcVezOGD04M5tS3ZPc5jD17c30Ndyo7nzijHfJUvIMlcUVHUOazZsjvJFPs=

GET
H2 200 embedded-giving-logo-ach.svg
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/ Frame 25A7 1 KB
933 B 28ms
27ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/embedded-giving-logo-ach.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: H3FXM3AVDVZFYHKM
age: 9667
etag: W/"d71add3c9962a21340ec557ac0628bf7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 822b328d5e4a5d80-FRA
x-amz-id-2: 8pnEr+KJ5C7N/jyN7u4Xt+34ogquHReil+GpB7yRAHD5J3b7v7QkwXieESnq7cbxcvSMrtzH0zs=

POST
H2 204 rum Show response
give-usw.salvationarmy.org/cdn-cgi/ Frame 25A7 0
60 B 11ms
11ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give-usw.salvationarmy.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-8f8bc91fc63856a7----1699419051094
traceparent: 00-a33b68bafa5c16346538d086314ad400-8f8bc91fc63856a7-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4ZjhiYzkxZmM2Mzg1NmE3IiwidHIiOiJhMzNiNjhiYWZhNWMxNjM0NjUzOGQwODYzMTRhZDQwMCIsInRpIjoxNjk5NDE5MDUxMDk0fX0=
content-type: application/json
Referer: https://give-usw.salvationarmy.org/give/506522/

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give-usw.salvationarmy.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 822b328d5c5f9b86-FRA

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EEB9 631 B
556 B 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:51 GMT
via: 1.1 varnish
age: 685947
x-cache: HIT
content-length: 399
x-request-id: f690866a-5912-4ee8-b969-d48915d96039
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 230841

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/788785286/ Frame 25A7 3 KB
1 KB 19ms
19ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/788785286/?random=1699419051099&cv=9&fst=1699419051099&num=1&value=0&label=wZwFCJ_w_4gBEIbRj_gC&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fgive-usw.salvationarmy.org%2Fgive%2F506522%2F&ref=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&tiba=Donate%20to%20The%20Salvation%20Army-Website&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e67a243f18157308586320b8755f8f42986e5e2410971109e2bb1819b9252b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1458
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 25A7 11 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 04:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 04:50:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Nov 2023 04:50:51 GMT

GET
H2 200 transaction-estimates Show response
give-usw.salvationarmy.org/frs-api/campaign/506522/ Frame 25A7 366 B
247 B 480ms
479ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give-usw.salvationarmy.org/frs-api/campaign/506522/transaction-estimates?amex=false&amount=100&currency=USD&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

248848734588e21d4eac1aa54cd2e31e38bc26f815802c278e6f74f28b787099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: rssgrK8V-df8fL8l2GFQgQVUtkPeXcqwa3WA
tracestate: 423787@nr=0-1-423787-363751183-f9f9600b2c2f187f----1699419051112
traceparent: 00-f5b5f67700179e5be26b8ed67014d500-f9f9600b2c2f187f-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmOWY5NjAwYjJjMmYxODdmIiwidHIiOiJmNWI1ZjY3NzAwMTc5ZTViZTI2YjhlZDY3MDE0ZDUwMCIsInRpIjoxNjk5NDE5MDUxMTEyfX0=
Accept: application/json, text/plain, */*
csrf-token: rssgrK8V-df8fL8l2GFQgQVUtkPeXcqwa3WA
Referer: https://give-usw.salvationarmy.org/give/506522/

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16e-vdzNy4NWPWxixtwbU959kP2zmbk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 822b328d7c759b86-FRA

GET
H2 200 transaction-estimates Show response
give-usw.salvationarmy.org/frs-api/campaign/506522/ Frame 25A7 366 B
300 B 468ms
467ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give-usw.salvationarmy.org/frs-api/campaign/506522/transaction-estimates?amex=false&amount=100&currency=USD&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

248848734588e21d4eac1aa54cd2e31e38bc26f815802c278e6f74f28b787099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: rssgrK8V-df8fL8l2GFQgQVUtkPeXcqwa3WA
tracestate: 423787@nr=0-1-423787-363751183-c8991ef919bde9b6----1699419051113
traceparent: 00-2ac29ee83b39979ff7f68e65a156a300-c8991ef919bde9b6-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjODk5MWVmOTE5YmRlOWI2IiwidHIiOiIyYWMyOWVlODNiMzk5NzlmZjdmNjhlNjVhMTU2YTMwMCIsInRpIjoxNjk5NDE5MDUxMTEzfX0=
Accept: application/json, text/plain, */*
csrf-token: rssgrK8V-df8fL8l2GFQgQVUtkPeXcqwa3WA
Referer: https://give-usw.salvationarmy.org/give/506522/

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16e-vdzNy4NWPWxixtwbU959kP2zmbk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 822b328d7c779b86-FRA

GET
H3 200 fancybox_sprite.png
cdn.jsdelivr.net/fancybox/2.1.5/ 1 KB
2 KB 20ms
20ms Image
image/png 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/fancybox/2.1.5/fancybox_sprite.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8200948
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1362
x-served-by: cache-fra-eddf8230090-FRA, cache-yyz4576-YYZ
server: cloudflare
etag: W/"552-F98Z+XYo53vgnDUr8nQl+uokglE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6qSXMrY6oQxCi%2Fnv%2BVmlNMhaJZVZIQD%2BFTcBNHgpVeZoXcv8oNCi5VN%2Fco%2BzpDsFuc7oDMR8C82xzfUV5Qa%2BSFFMVJDcXppR3J49uDB8lszhGkFsNCO1hKokDYX4mOUgObjrCQcDyNtTVZSiDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 822b328daf7a1da0-FRA

GET
H2 200 digibox.gif
www.lightboxcdn.com/z9g/ 35 B
146 B 20ms
19ms Image
image/gif 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/digibox.gif?c=1699419051144&h=westernusa.salvationarmy.org&e=i&u=42728&b=240225&v=empty&s=empty
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 04:50:51 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 541370
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Fri, 02 Dec 2022 00:02:02 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Dec 2022 00:02:38 GMT
server: cloudflare
etag: 0x8DAD3F8864E2F29
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 960e7826-401e-0005-6cd5-31ec4f000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 822b328dad5f0378-FRA

GET
H2 200 l
use.typekit.net/af/6799c3/000000000000000000012e92/27/ Frame E124 39 KB
39 KB 33ms
33ms Font
application/font-woff2 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6799c3/000000000000000000012e92/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: s3.lightboxcdn.com
URL: https://s3.lightboxcdn.com/custom_fonts/43e13eaf-4d2e-4cb3-8ecf-5d924f62134f.css?cb=638344662742248133
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2aa4afc11c9d7a606d9d9697bf302736df839525aa7a74cf7456d0eb777d0920

Request headers

Referer: https://s3.lightboxcdn.com/
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
server: nginx
etag: "ff390f132f568633fed790cb146933639ec26802"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39704

GET
H2 200 ProximaNovaMedium.otf
s3.lightboxcdn.com/vendors/1ba4571c-6e05-4431-8d28-9374c32606e5/uploads/a6154136-12dd-448b-a87e-a0b310fed3b8/ Frame E124 102 KB
103 KB 35ms
17ms Font
application/vnd.oasis.opendocument.formula-template 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.lightboxcdn.com/vendors/1ba4571c-6e05-4431-8d28-9374c32606e5/uploads/a6154136-12dd-448b-a87e-a0b310fed3b8/ProximaNovaMedium.otf
Requested by: Host: s3.lightboxcdn.com
URL: https://s3.lightboxcdn.com/custom_fonts/2d708ca6-e405-4ed6-8d00-16433cc5586f.css?cb=638344662742248133
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c676aa290eb2aef73ea35f685776a4eda3dbba755b2a3199d191cd63fc6da89

Request headers

Referer: https://s3.lightboxcdn.com/custom_fonts/2d708ca6-e405-4ed6-8d00-16433cc5586f.css?cb=638344662742248133
Origin: https://westernusa.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
cf-cache-status: HIT
x-amz-request-id: J8NANA2ZE0H652JD
age: 32216
content-length: 104496
x-amz-id-2: cxF2rAw+0wuO+iccCp60hmZGpBHVieRzWX8ZY5DqoeUnNr4TQyJ96CQwSSpDROPMwhu0ZG4P6eg=
last-modified: Thu, 21 Nov 2019 21:38:44 GMT
server: cloudflare
etag: "5b8fe247f1f9bc7ad030c17ed07ba13f"
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/vnd.oasis.opendocument.formula-template
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 822b328ddd559b98-FRA
expires: Thu, 07 Nov 2024 04:50:51 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame EEB9 0
716 B 624ms
172ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419051705142
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699419051704769
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame EEB9 0
717 B 623ms
171ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419051705143
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699419051704764
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 25A7 29 KB
30 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give-usw.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:52:38 GMT
x-content-type-options: nosniff
age: 467893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:52:38 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 25A7 29 KB
29 KB 34ms
13ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give-usw.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:52:38 GMT
x-content-type-options: nosniff
age: 467893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:52:38 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame F873 930 B
1 KB 13ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 65
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 04:50:51 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 25
x-content-type-options: nosniff
x-request-id: 8dfb64ce-661d-4dc9-9ddc-df10d24dbdf4
x-served-by: cache-fra-eddf8230113-FRA
x-timer: S1699419051.203140,VS0,VE0

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/9d15588c/www-widgetapi.vflset/ Frame 25A7 215 KB
67 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9d15588c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1442bd1e775db156e5e8dfdac18d3363e323fe5dcaa648224124fb898b97b441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2132
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68259
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Nov 2024 04:15:19 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame 25A7 88 KB
30 KB 6ms
6ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://give-usw.salvationarmy.org/
Origin: https://give-usw.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 35538
x-cache: HIT, HIT
content-length: 30957
x-served-by: cache-lga13629-LGA, cache-fra-eddf8230120-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699419051.225529,VS0,VE0
etag: W/"28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 1, 3470

GET
H2 200 frame-modern.04b87629.js Show response
js.intercomcdn.com/ Frame F092 510 KB
141 KB 63ms
21ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.04b87629.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/gaf623xb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

98b24e77ba7064f3fe61b2d261f7d83e185a3d3acf701ab924ca3626dc77bfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: QiVwBbX5i8EoSp90GQuEsNJ64ft3RXnP
content-encoding: gzip
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 02:58:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 6760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 144009
last-modified: Tue, 07 Nov 2023 10:55:34 GMT
server: AmazonS3
etag: "ed548435ff40848851fa60cfa75fb8fe"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: pl-fn2ogOtK6I2iL0CW9wbi1KrmuLCDWrzS3vFSl3sXWcZw1h4a23A==

GET
H2 200 vendor-modern.39b0b15a.js Show response
js.intercomcdn.com/ Frame F092 426 KB
131 KB 49ms
7ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.39b0b15a.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/gaf623xb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d6b0d063dfaebbc19c739741e85c8a273b960240b710774c74fd1947a343f6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: F11HmjLDEMRNhheeDdXVnUW_Q29EFas2
content-encoding: gzip
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 04:07:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 2585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 133793
last-modified: Mon, 06 Nov 2023 10:03:47 GMT
server: AmazonS3
etag: "c3d7c800929ac60bd7338a4bf9c3f40b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 8KojZMWr86-dVk8WBUZNz-wFk60IJVRd6KeepgU8K2L2lgImymfEcw==

GET
H2

200

/
www.google.de/pagead/1p-conversion/788785286/ Frame 25A7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788785286/?random=719930136&cv=9&fst=1699419051099&num=1&value=0&label=wZwFCJ_w_4gBEIbRj_gC&bg=ffffff&hl=en&guid=ON&resp=GooglemKTyb...
https://www.google.com/pagead/1p-conversion/788785286/?random=719930136&cv=9&fst=1699419051099&num=1&value=0&label=wZwFCJ_w_4gBEIbRj_gC&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u...
https://www.google.de/pagead/1p-conversion/788785286/?random=719930136&cv=9&fst=1699419051099&num=1&value=0&label=wZwFCJ_w_4gBEIbRj_gC&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_...

42 B
108 B

24ms
24ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/788785286/?random=719930136&cv=9&fst=1699419051099&num=1&value=0&label=wZwFCJ_w_4gBEIbRj_gC&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fgive-usw.salvationarmy.org%2Fgive%2F506522%2F&ref=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&tiba=Donate%20to%20The%20Salvation%20Army-Website&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI8-f2ps2zggMVVeO7CB2fEQcm&is_vtc=1&ocp_id=qxNLZbPmBtXG7_UPn6OcsAI&cid=CAQSKQDICaaNEFdT7-F2GeoweMnVMgQh0l8hqwNfHyzI0ZYY3-X9qcEXp3PE&random=569125539&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/788785286/?random=719930136&cv=9&fst=1699419051099&num=1&value=0&label=wZwFCJ_w_4gBEIbRj_gC&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fgive-usw.salvationarmy.org%2Fgive%2F506522%2F&ref=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&tiba=Donate%20to%20The%20Salvation%20Army-Website&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI8-f2ps2zggMVVeO7CB2fEQcm&is_vtc=1&ocp_id=qxNLZbPmBtXG7_UPn6OcsAI&cid=CAQSKQDICaaNEFdT7-F2GeoweMnVMgQh0l8hqwNfHyzI0ZYY3-X9qcEXp3PE&random=569125539&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 25A7 32 KB
32 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give-usw.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 19:28:33 GMT
x-content-type-options: nosniff
age: 465738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 19:28:33 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 25A7 32 KB
32 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give-usw.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 19:28:33 GMT
x-content-type-options: nosniff
age: 465738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 19:28:33 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 25A7 29 KB
29 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give-usw.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:52:38 GMT
x-content-type-options: nosniff
age: 467893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:52:38 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 25A7 29 KB
29 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give-usw.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:52:38 GMT
x-content-type-options: nosniff
age: 467893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:52:38 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 25A7 29 KB
29 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give-usw.salvationarmy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:52:38 GMT
x-content-type-options: nosniff
age: 467893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:52:38 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame F873 0
490 B 531ms
173ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419051705660
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1699419051704839
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame F873 87 KB
15 KB 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 08 Nov 2023 04:50:51 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 299
x-cache: HIT
content-length: 15509
x-request-id: 2b11684c-d140-4054-92c4-60cd69208a5d
x-served-by: cache-fra-eddf8230113-FRA
server: Fastly
x-timer: S1699419051.264676,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 69

GET
H2 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
give-usw.salvationarmy.org/sso/ssobuild/js/ Frame 25A7 12 KB
5 KB 47ms
46ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give-usw.salvationarmy.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-79f6d2fedb637cca----1699419051293
traceparent: 00-77983819a718565d9c9acd037bbf2400-79f6d2fedb637cca-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3OWY2ZDJmZWRiNjM3Y2NhIiwidHIiOiI3Nzk4MzgxOWE3MTg1NjVkOWM5YWNkMDM3YmJmMjQwMCIsInRpIjoxNjk5NDE5MDUxMjkzfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give-usw.salvationarmy.org/give/506522/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 19:49:10 GMT
cf-bgj: minify
server: cloudflare
age: 1117143
etag: W/"65397136-316e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 822b328ead5c9b86-FRA
expires: Fri, 25 Oct 2024 06:31:48 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame F873 156 B
670 B 527ms
173ms XHR
application/json 44.228.215.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-215-240.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

921b4f979b011f134820fab3dea70ae899e0c622554761ae8d586c8cfbea37fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419051808066
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699419051807850
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 status Show response
give-usw.salvationarmy.org/sso/ Frame 25A7 90 B
1 KB 170ms
169ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give-usw.salvationarmy.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361039781126677282996_1699419051290&_=1699419051291

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b9eb80d3e02ce8d104e056af645a8d21325f0341d8301e595c77d1fc29098a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-7a6a6d1ba710e089----1699419051372
traceparent: 00-b20f35595e7f98bdd4f410c34db0ba00-7a6a6d1ba710e089-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3YTZhNmQxYmE3MTBlMDg5IiwidHIiOiJiMjBmMzU1OTVlN2Y5OGJkZDRmNDEwYzM0ZGIwYmEwMCIsInRpIjoxNjk5NDE5MDUxMzcyfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give-usw.salvationarmy.org/give/506522/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self' https://*.classy.org;
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache, private
cf-ray: 822b328f1dad9b86-FRA
x-xss-protection: 1; mode=block

POST
H2 403 ping Show response
api-iam.intercom.io/messenger/web/ Frame F092 113 B
741 B 397ms
192ms XHR
application/json 3.94.174.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.04b87629.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.94.174.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-174-107.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ee8d78f2e49631a9910a5a86985bbb4c293adff605a78def512cf6cbe38ca65c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
status: 403 Forbidden
x-xss-protection: 1; mode=block
x-request-id: 0000kgg7uj073clmg7qg
x-runtime: 0.065443
server: nginx
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://westernusa.salvationarmy.org
x-intercom-version: 4687dc647970656307ab384374fe6c1cb71367e1
cache-control: no-cache
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 embedded-giving-logo-ach.svg
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/ Frame 25A7 1 KB
821 B 20ms
20ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/embedded-giving-logo-ach.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: H3FXM3AVDVZFYHKM
age: 9667
etag: W/"d71add3c9962a21340ec557ac0628bf7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 822b328ff8025d80-FRA
x-amz-id-2: 8pnEr+KJ5C7N/jyN7u4Xt+34ogquHReil+GpB7yRAHD5J3b7v7QkwXieESnq7cbxcvSMrtzH0zs=

POST
H2 200 1812038516 Show response
hn.inspectlet.com/ginit/ 25 B
597 B 216ms
198ms XHR
application/json 2606:4700:10::6816:38f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hn.inspectlet.com/ginit/1812038516
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:38f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 66735e6c28d7239fd36d897a7de435a6eb6995fceeb58a9f372287e92fa8f8a2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://westernusa.salvationarmy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 25
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1699419051&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=0bVLSwia34dp08%2FrUAQy25Imtk18PAIm%2FQ7Aa9WueWg%3D
server: cloudflare
etag: W/"19-tkHq2ROqccRXjyKp7cLNMQ"
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1699419051&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=0bVLSwia34dp08%2FrUAQy25Imtk18PAIm%2FQ7Aa9WueWg%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://westernusa.salvationarmy.org
access-control-allow-methods: GET, POST
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 822b32903d4e3733-FRA
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 controller-d9678bdd3bd53f13b263f8cb303c8ff6.html Show response
js.stripe.com/v3/ Frame B150 325 B
752 B 7ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

66739acaaa4a97f905fa0dbc1f9c79ae864e74f800856ae12b3988debfa986fd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give-usw.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 15
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 04:50:51 GMT
etag: "d9678bdd3bd53f13b263f8cb303c8ff6"
last-modified: Tue, 07 Nov 2023 21:22:28 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 7
x-content-type-options: nosniff
x-request-id: afd9a058-6568-47ec-b7f8-731a3bb2d3fe
x-served-by: cache-fra-eddf8230113-FRA

GET
H2 200 payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html Show response
js.stripe.com/v3/ Frame 1C05 408 B
971 B 7ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

254a4f72d93d5ee58581a41bf216a4fa457e8d4f7ba157c259f5b0065c8919c5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give-usw.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26755
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 04:50:51 GMT
etag: "5193e04cdbb8b74183f82b5fa37af57f"
last-modified: Tue, 07 Nov 2023 21:22:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 271
x-content-type-options: nosniff
x-request-id: af907059-13a1-44c1-842f-a3ad60c03a25
x-served-by: cache-fra-eddf8230113-FRA

GET
H2 200 payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html Show response
js.stripe.com/v3/ Frame DA4E 344 B
1 KB 7ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

af3d716fd80fdee9a734dc9a3b2593245a08929fe7b5f42884eaacc651fe6f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give-usw.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 45
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 04:50:51 GMT
etag: "776ea7e8cfad736af619f73414cf2123"
last-modified: Tue, 07 Nov 2023 21:22:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 9d18d2ad-dc0a-4eb8-9e40-9c1730fe6a96
x-served-by: cache-fra-eddf8230113-FRA

GET
H2 200 payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html Show response
js.stripe.com/v3/ Frame BF21 408 B
300 B 7ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

254a4f72d93d5ee58581a41bf216a4fa457e8d4f7ba157c259f5b0065c8919c5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give-usw.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26755
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 04:50:51 GMT
etag: "5193e04cdbb8b74183f82b5fa37af57f"
last-modified: Tue, 07 Nov 2023 21:22:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 272
x-content-type-options: nosniff
x-request-id: 55e14dfd-ecb9-441d-8b53-e31db5a3a9e7
x-served-by: cache-fra-eddf8230113-FRA

GET
H2 200 payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html Show response
js.stripe.com/v3/ Frame C16F 344 B
309 B 7ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

af3d716fd80fdee9a734dc9a3b2593245a08929fe7b5f42884eaacc651fe6f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give-usw.salvationarmy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 45
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 04:50:51 GMT
etag: "776ea7e8cfad736af619f73414cf2123"
last-modified: Tue, 07 Nov 2023 21:22:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 8df50e99-fd13-4ebc-8d65-9f8a5bcf5d9a
x-served-by: cache-fra-eddf8230113-FRA

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B150 532 KB
129 KB 10ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:51 GMT
via: 1.1 varnish
age: 26812
x-cache: HIT
content-length: 131812
x-request-id: 3faa7566-8553-471b-b6cc-0236c124d0ae
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2925

GET
H2 200 controller-22767579e868646fe8fee170ca5969e2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B150 652 KB
170 KB 12ms
10ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-22767579e868646fe8fee170ca5969e2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e973184fdfd8d34a092c8372b01b5a26eba02a08a1027bdc4faac414c93d59bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:51 GMT
via: 1.1 varnish
age: 26812
x-cache: HIT
content-length: 173826
x-request-id: 23439e2f-a55b-4e67-ab4f-8e622f9425ed
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Tue, 07 Nov 2023 21:22:39 GMT
server: Fastly
etag: "f776c00e01bc6a7932584c5dc3addff7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2609

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 1C05 118 KB
37 KB 141ms
70ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2665ff8dd613b62af6d60c79e90069e3739b39e050f953fac88e46183d51d747

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-z4hSEZ4kHK1nnYgpIKshiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-z4hSEZ4kHK1nnYgpIKshiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 08 Nov 2023 04:50:51 GMT

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1C05 532 KB
129 KB 11ms
10ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:51 GMT
via: 1.1 varnish
age: 26812
x-cache: HIT
content-length: 131812
x-request-id: c4351b20-d989-415a-a900-9f2a8206df7c
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2926

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1C05 10 KB
4 KB 37ms
37ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:51 GMT
via: 1.1 varnish
age: 1250932
x-cache: HIT
content-length: 4272
x-request-id: 6b860823-38dd-4ac1-a28c-3b2097c3aac1
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8738

POST
H2 200 csp-report
q.stripe.com/ Frame B150 0
715 B 172ms
172ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419051713260
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699419051712910
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DA4E 532 KB
129 KB 18ms
18ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:51 GMT
via: 1.1 varnish
age: 26812
x-cache: HIT
content-length: 131812
x-request-id: ba6bf1db-c663-45e0-9884-2167348f7082
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2927

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DA4E 12 KB
5 KB 19ms
19ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:51 GMT
via: 1.1 varnish
age: 2511922
x-cache: HIT
content-length: 4877
x-request-id: d556e15f-1e61-483e-99ed-c7e49850ba12
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Mon, 09 Oct 2023 20:07:19 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13714

POST
H2 200 csp-report
q.stripe.com/ Frame 1C05 0
716 B 334ms
334ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419051873316
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699419051872684
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1C05 0
716 B 328ms
327ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419051873145
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699419051872713
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame BF21 118 KB
36 KB 136ms
72ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2665ff8dd613b62af6d60c79e90069e3739b39e050f953fac88e46183d51d747

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Y1TcqSBHZETxJ7mIcvrNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2Y1TcqSBHZETxJ7mIcvrNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 08 Nov 2023 04:50:51 GMT

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BF21 532 KB
129 KB 22ms
20ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:51 GMT
via: 1.1 varnish
age: 26812
x-cache: HIT
content-length: 131812
x-request-id: 97168b08-c68d-4163-aea5-e0782e1578d9
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2928

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BF21 10 KB
4 KB 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:51 GMT
via: 1.1 varnish
age: 1250932
x-cache: HIT
content-length: 4272
x-request-id: 7d3e9bd5-c7f4-4825-b3be-7a77c0764198
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8739

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C16F 532 KB
129 KB 25ms
21ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:51 GMT
via: 1.1 varnish
age: 26812
x-cache: HIT
content-length: 131812
x-request-id: 489be527-3a52-44bf-a79f-3b1f7fdaf287
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2929

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C16F 12 KB
5 KB 69ms
66ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:51 GMT
via: 1.1 varnish
age: 2511922
x-cache: HIT
content-length: 4877
x-request-id: 40795a97-a63d-443d-ab2a-dc58c0909dd6
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Mon, 09 Oct 2023 20:07:19 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13715

POST
H2 200 csp-report
q.stripe.com/ Frame DA4E 0
716 B 344ms
340ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419051874937
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699419051873439
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DA4E 0
716 B 329ms
325ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419051874541
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699419051873449
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame BF21 0
717 B 355ms
351ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419051876209
x-envoy-upstream-service-time: 11
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 6
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699419051873468
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame BF21 0
716 B 350ms
347ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419051876575
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699419051873490
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C16F 0
716 B 343ms
337ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419051875299
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699419051873601
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C16F 0
716 B 313ms
307ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419051874023
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699419051873731
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame B150 474 B
610 B 20ms
6ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 9
x-cache: HIT
content-length: 297
x-request-id: 1117563f-e2b4-4bd6-a279-e4ef0502a4ab
x-served-by: cache-fra-eddf8230037-FRA
last-modified: Tue, 07 Nov 2023 22:01:06 GMT
server: Fastly
etag: "a3831a1659489d23fe40b04c7ca1798d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame B150 474 B
371 B 6ms
6ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 04:50:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 9
x-cache: HIT
content-length: 297
x-request-id: 8945a379-24b9-4217-97a5-5c5e1087e259
x-served-by: cache-fra-eddf8230037-FRA
last-modified: Tue, 07 Nov 2023 22:01:06 GMT
server: Fastly
etag: "a3831a1659489d23fe40b04c7ca1798d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 210ms
195ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051874410
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419051873970
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 208ms
194ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051874107
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699419051873979
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 196ms
182ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051874078
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419051873897
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 202ms
193ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051874197
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419051874058
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 203ms
194ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051874186
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419051873669
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 191ms
182ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051874014
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419051873875
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 214ms
205ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051874354
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699419051873814
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 192ms
184ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051874057
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419051873843
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 214ms
206ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051874280
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699419051873856
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 202ms
193ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051874034
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419051873878
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 191ms
183ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051873888
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419051873707
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 190ms
182ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051873905
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419051873728
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 191ms
183ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051874030
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419051873782
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 173ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051944616
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419051944344
access-control-allow-credentials: true
content-length: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 4ED1 19 KB
8 KB 71ms
70ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5f4c2668d88e214163f517c08e4ad5880ab767eb2fc03202084468042d961a6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-bWvVqb9Vj6gwYAlS3EEUuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-bWvVqb9Vj6gwYAlS3EEUuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 08 Nov 2023 04:50:51 GMT
expires: Wed, 08 Nov 2023 04:50:51 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 64A8 19 KB
8 KB 77ms
77ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d1dc6d31d3bfe7507bcf6e40aa02103cbc587432ca113d009422a770d2ac52f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-TQ96_29llM_6wGqs2q1JuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-TQ96_29llM_6wGqs2q1JuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 08 Nov 2023 04:50:51 GMT
expires: Wed, 08 Nov 2023 04:50:51 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 174ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051985268
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699419051985105
access-control-allow-credentials: true
content-length: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame B150 2 KB
3 KB 325ms
249ms Fetch
application/json 52.30.58.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.30.58.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-58-64.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e1405331950dd5f127c163161a51e447bd90192c4947800d08ac91eb7b014fb7

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 1962
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 173ms
172ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:51 GMT
x-stripe-server-envoy-start-time-us: 1699419051988441
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419051988220
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame F873 156 B
668 B 173ms
173ms XHR
application/json 44.228.215.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-215-240.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

921b4f979b011f134820fab3dea70ae899e0c622554761ae8d586c8cfbea37fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 08 Nov 2023 04:50:52 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419052004005
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699419052003680
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame F873 156 B
669 B 221ms
220ms XHR
application/json 44.228.215.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-215-240.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

921b4f979b011f134820fab3dea70ae899e0c622554761ae8d586c8cfbea37fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 08 Nov 2023 04:50:52 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419052054048
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699419052053821
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 4ED1 158 KB
56 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgNeqzrme4kB4D-PxBF9Q-VpChabw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5008c4e8cacb4a9e632cb1b6ed9788a7cfa8a92b95748b82f42c47073ef737f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57374
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 07:52:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:15:27 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 4ED1 2 KB
2 KB 118ms
118ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 64A8 158 KB
56 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5008c4e8cacb4a9e632cb1b6ed9788a7cfa8a92b95748b82f42c47073ef737f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57374
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 07:52:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:15:27 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 64A8 2 KB
2 KB 117ms
117ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc... Frame 4ED1 73 KB
27 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrig3K_14WSD3T9SaACgaEyKbS8vyg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgNeqzrme4kB4D-PxBF9Q-VpChabw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c299735b69072e8281758f08645f82b2ea377aeabee7a9cf13df9449cf783a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27281
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:38:05 GMT

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc... Frame 64A8 73 KB
27 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c299735b69072e8281758f08645f82b2ea377aeabee7a9cf13df9449cf783a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27281
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:38:05 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 4ED1 1 MB
374 KB 69ms
69ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

123eb46d6960fadb1aaa8c3511625cb01ca6f9353ae0c38bc9b565da4eb4e241

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1re3NQ9V7lZyvfVeCb_0fQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1re3NQ9V7lZyvfVeCb_0fQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 08 Nov 2023 04:50:52 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc... Frame 4ED1 9 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrig3K_14WSD3T9SaACgaEyKbS8vyg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67296cd59935f73c50eb68ad73d75715c3429cafc055d5667fdf794be4e52bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3729
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:38:05 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc... Frame 4ED1 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrig3K_14WSD3T9SaACgaEyKbS8vyg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa4b813063702203bd07d9566b1c5543042636fd8a758ff742e5bbc963fda02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14044
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:38:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 38ms
14ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:52 GMT
expires: Wed, 08 Nov 2023 04:50:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 4ED1 131 B
155 B 54ms
38ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:52 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4ED1 131 B
155 B 53ms
42ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 39ms
17ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:52 GMT
expires: Wed, 08 Nov 2023 04:50:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 4ED1 131 B
155 B 53ms
41ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
16ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:52 GMT
expires: Wed, 08 Nov 2023 04:50:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 4ED1 131 B
155 B 50ms
40ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 35ms
18ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:52 GMT
expires: Wed, 08 Nov 2023 04:50:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 32ms
17ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:52 GMT
expires: Wed, 08 Nov 2023 04:50:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 4ED1 131 B
155 B 54ms
41ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:52 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 64A8 1 MB
374 KB 79ms
78ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381dd9f0b8905762f8fc0865cb6f71ec25be856d9d1ec7910ebe65f56867240e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-C26FkXEZ2wSOgW7AO6CLcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-C26FkXEZ2wSOgW7AO6CLcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 08 Nov 2023 04:50:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 17ms
17ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:52 GMT
expires: Wed, 08 Nov 2023 04:50:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 4ED1 131 B
155 B 51ms
40ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:52 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
273 B 173ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:52 GMT
x-stripe-server-envoy-start-time-us: 1699419052148021
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419052147721
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 175ms
175ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:52 GMT
x-stripe-server-envoy-start-time-us: 1699419052151816
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419052151543
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc... Frame 64A8 9 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrig3K_14WSD3T9SaACgaEyKbS8vyg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67296cd59935f73c50eb68ad73d75715c3429cafc055d5667fdf794be4e52bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3729
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:38:05 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc... Frame 64A8 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrig3K_14WSD3T9SaACgaEyKbS8vyg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa4b813063702203bd07d9566b1c5543042636fd8a758ff742e5bbc963fda02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14044
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:38:05 GMT

POST
H3 200 log Show response
play.google.com/ Frame 64A8 131 B
155 B 34ms
31ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:52 GMT

POST
H3 200 log Show response
play.google.com/ Frame 64A8 131 B
155 B 32ms
29ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:52 GMT

POST
H3 200 log Show response
play.google.com/ Frame 64A8 131 B
155 B 44ms
44ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 15ms
13ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:52 GMT
expires: Wed, 08 Nov 2023 04:50:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 13ms
13ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:52 GMT
expires: Wed, 08 Nov 2023 04:50:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 15ms
15ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:52 GMT
expires: Wed, 08 Nov 2023 04:50:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 64A8 131 B
155 B 27ms
26ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 14ms
13ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:52 GMT
expires: Wed, 08 Nov 2023 04:50:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 14ms
13ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:52 GMT
expires: Wed, 08 Nov 2023 04:50:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 64A8 131 B
155 B 43ms
42ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:52 GMT

POST
H3 200 log Show response
play.google.com/ Frame 64A8 131 B
155 B 39ms
38ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 04:50:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 14ms
14ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 04:50:52 GMT
expires: Wed, 08 Nov 2023 04:50:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 176ms
169ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:52 GMT
x-stripe-server-envoy-start-time-us: 1699419052183984
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419052183830
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 180ms
172ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:52 GMT
x-stripe-server-envoy-start-time-us: 1699419052187444
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419052187187
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 173ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:52 GMT
x-stripe-server-envoy-start-time-us: 1699419052315178
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699419052315060
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
273 B 174ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:52 GMT
x-stripe-server-envoy-start-time-us: 1699419052316102
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419052315946
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 173ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:52 GMT
x-stripe-server-envoy-start-time-us: 1699419052339481
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419052339247
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 173ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:52 GMT
x-stripe-server-envoy-start-time-us: 1699419052339956
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419052339709
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 173ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:52 GMT
x-stripe-server-envoy-start-time-us: 1699419052342312
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699419052342074
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 174ms
174ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:52 GMT
x-stripe-server-envoy-start-time-us: 1699419052342675
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419052342416
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 174ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:52 GMT
x-stripe-server-envoy-start-time-us: 1699419052345079
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699419052344737
access-control-allow-credentials: true
content-length: 0

GET
H2 200 GooglePay-logo.svg
give-usw.salvationarmy.org/static/global/images/digitalWallets/ Frame 25A7 3 KB
1 KB 420ms
419ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give-usw.salvationarmy.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/give/506522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:50:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 03 Nov 2023 01:03:42 GMT
server: cloudflare
etag: W/"654446ee-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 822b3294a9f59b86-FRA
expires: Thu, 07 Nov 2024 04:50:52 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame B150 0
274 B 174ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 04:50:52 GMT
x-stripe-server-envoy-start-time-us: 1699419052352768
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699419052352330
access-control-allow-credentials: true
content-length: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VQBV3M3REJ&gtm=45je3b60v894101021&_p=1699419047017&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1502720560.1699419047&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1699419047&sct=1&seg=0&dl=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&dt=The%20Salvation%20Army%20Western%20Territory&en=scroll&epn.percent_scrolled=90&_et=18&tfd=6908
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VQBV3M3REJ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B3CZW0LNLQ&gtm=45je3b60v894101633&_p=1699419047017&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1502720560.1699419047&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699419047&sct=1&seg=0&dl=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&dt=The%20Salvation%20Army%20Western%20Territory&en=scroll&epn.percent_scrolled=90&_et=11&tfd=6915
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B3CZW0LNLQ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/12a/intl/de_ALL/ 254 KB
57 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/12a/intl/de_ALL/common.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

888251d9c1d30c3ede58252f72f0f438ac145cbd40b7456689bb315eeefdb743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 19:19:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57525
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 21:27:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 19:19:35 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/12a/intl/de_ALL/ 155 KB
49 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/12a/intl/de_ALL/util.js

Requested by

Host: westernusa.salvationarmy.org
URL: https://westernusa.salvationarmy.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80372e17ea5ace0dcec3798f9ad4efd5424ba33853fd0a7d9f1498899bbe6f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 19:19:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50295
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 21:27:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 19:19:35 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DR4WC585XQ&gtm=45je3b60v9125877025&_p=1699419047017&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1502720560.1699419047&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=2&dl=https%3A%2F%2Fwesternusa.salvationarmy.org%2F&dt=The%20Salvation%20Army%20Western%20Territory&sid=1699419047&sct=1&seg=1&en=page_view&_ee=1&_et=4&tfd=7287
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DR4WC585XQ&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westernusa.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 04:50:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westernusa.salvationarmy.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame F873 156 B
669 B 173ms
173ms XHR
application/json 44.228.215.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-215-240.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

921b4f979b011f134820fab3dea70ae899e0c622554761ae8d586c8cfbea37fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 08 Nov 2023 04:50:55 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699419055313408
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699419055312969
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 25A7 295 B
367 B 7ms
6ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give-usw.salvationarmy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 04:50:56 GMT
via: 1.1 varnish
age: 31049141
x-cache: HIT
content-length: 209
x-request-id: 5f3f4c7f-80fa-4220-83d4-372a97851e8c
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 39586

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZUsTqAAAAKvqzwN6&img=1

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

90 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 16:05:05	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.salvationarmy.org/	1970-01-20 16:05:05	Name: _gid Value: GA1.2.1381699707.1699419047
.salvationarmy.org/	1970-01-20 16:03:39	Name: _gat_UA-3145115-10 Value: 1
.salvationarmy.org/	1970-01-20 16:03:39	Name: _gat_UA-3145115-1 Value: 1
.salvationarmy.org/	1970-01-21 01:39:39	Name: _ga_VQBV3M3REJ Value: GS1.1.1699419047.1.0.1699419047.0.0.0
.salvationarmy.org/	1970-01-21 01:39:39	Name: _ga_B3CZW0LNLQ Value: GS1.1.1699419047.1.0.1699419047.0.0.0
.salvationarmy.org/	1970-01-20 18:13:15	Name: _fbp Value: fb.1.1699419047308.1795707189
.salvationarmy.org/	1970-01-21 01:39:39	Name: _ga Value: GA1.2.1502720560.1699419047
.salvationarmy.org/	1970-01-20 16:03:39	Name: _gat Value: 1
widgets.guidestar.org/	1970-01-20 16:13:43	Name: AWSALBCORS Value: HDvRDiJqLOdUN5g62kzeolUD1Kjsc7QS7up5dldAijzk1SR3Upl61Amn28CM/uv0Q7yBeJ13rwd2sOb2MOYLHJ79j++9Hp3W2U2/see9KcCtUuFzJjbrVBYQvHmm
.salvationarmy.org/	1970-01-21 01:39:39	Name: _ga_DR4WC585XQ Value: GS1.2.1699419047.1.1.1699419047.0.0.0
.classy.org/	1970-01-20 16:03:40	Name: __cf_bm Value: iMkWGyc0xBIJUo0YMCcT4xf4mO37KoP6QRrUVEWnpU4-1699419047-0-AUE25A+r/7AAJeXD1S7ovQmUsBEFIi2XVqWaDbKWD+5/we/BvMyT+7uumwSiIXMh5TbBuYI5uAjCZ45VwZuMzI8=
.classy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: kHnG61fWXLdB_e9WP6B8Wj6CRSwl99rQfIo4_zHeBD0-1699419047715-0-604800000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: wniUW6NOMDg
.youtube.com/	1970-01-20 20:22:51	Name: VISITOR_INFO1_LIVE Value: -n6tDDFqUeI
.demdex.net/	1970-01-20 20:22:51	Name: demdex Value: 65467669184316211842981170000779011768
.salvationarmy.org/	1969-12-31 23:59:59	Name: AMCVS_20A0289659302A7E0A495D28%40AdobeOrg Value: 1
.salvationarmy.org/	1970-01-20 18:13:15	Name: _rdt_uuid Value: 1699419048274.c82ef66b-6a49-40f3-ac39-5e97295aa684
.salvationarmy.org/	1969-12-31 23:59:59	Name: at_check Value: true
.salvationarmy.org/	1970-01-21 01:33:25	Name: _scid Value: b6a94ded-6c11-4ebc-8d2c-21ac57b74311
.salvationarmy.org/	1970-01-21 01:33:25	Name: _scid_r Value: b6a94ded-6c11-4ebc-8d2c-21ac57b74311
.everesttech.net/	1970-01-21 00:49:15	Name: everest_g_v2 Value: g_surferid~ZUsTqAAAAKvqzwN6
.dpm.demdex.net/	1970-01-20 20:22:51	Name: dpm Value: 65467669184316211842981170000779011768
.thesalvationarmy.tt.omtrdc.net/	1970-01-20 16:03:40	Name: thesalvationarmy!mboxSession Value: 26c374d386ba42a0bd766e349600f214
.thesalvationarmy.tt.omtrdc.net/	1970-01-21 01:39:39	Name: thesalvationarmy!mboxPC Value: 26c374d386ba42a0bd766e349600f214.37_0
.salvationarmy.org/	1970-01-21 01:39:39	Name: AMCV_20A0289659302A7E0A495D28%40AdobeOrg Value: 179643557%7CMCIDTS%7C19670%7CMCMID%7C64902840297544874132997120749719164045%7CMCAAMLH-1700023848%7C6%7CMCAAMB-1700023848%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1699426248s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19677%7CvVersion%7C5.5.0
.salvationarmy.org/	1970-01-21 01:39:39	Name: mbox Value: session#26c374d386ba42a0bd766e349600f214#1699420909\|PC#26c374d386ba42a0bd766e349600f214.37_0#1762663849
.classy.org/	1969-12-31 23:59:59	Name: __cfruid Value: 33ad68f1a9f91d09256ba5c83d993fee12cdbbf9-1699419048
.quantserve.com/	1970-01-21 01:33:53	Name: mc Value: 654b13a8-72186-bc936-045a1
.quantserve.com/	1970-01-20 18:13:15	Name: d Value: EPABDAGwKrmvYA
.salvationarmy.org/	1970-01-20 16:03:40	Name: s_ppn Value: SAL%3AUSW%20%7C%20homepage
.salvationarmy.org/	1970-01-20 16:03:40	Name: gpv_v9 Value: SAL%3AUSW%20%7C%20homepage
.salvationarmy.org/	1969-12-31 23:59:59	Name: s_cc Value: true
.ispot.tv/	1970-01-21 01:39:39	Name: pt Value: v2:a671a1f1dd77d0bdc095fdb58d92d0c218786fe6e5a319c3df410d44b73c30fe\|8e8b975d4f64206ece815dde9a886ef5ae487142487c52b3d9ffe165db7936fd
.tealiumiq.com/	1970-01-21 00:49:15	Name: TAPID Value: salvationarmy/sal-donate>018bad44c8370017f37056d35c6103074002506c00b08\|
.salvationarmy.org/	1970-01-20 18:13:15	Name: _gcl_au Value: 1.1.2145807206.1699419049
.salvationarmy.org/	1970-01-21 00:49:15	Name: utag_main Value: v_id:018bad44c8370017f37056d35c6103074002506c00b08$_sn:1$_se:1$_ss:1$_st:1699420847992$ses_id:1699419047992%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:salvationarmy.org$quantcast_sync_session:1699419047992%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session$dc_region:eu-central-1%3Bexp-session
.turn.com/	1970-01-20 20:22:51	Name: uid Value: 8160306291098026259
.salvationarmy.org/	1970-01-20 16:03:39	Name: _gat_t_sal_dev Value: 1
.salvationarmy.org/	1970-01-20 16:05:05	Name: _uetsid Value: 62b8d1f07df211ee9c68f1fefddc76e2
.salvationarmy.org/	1970-01-21 01:25:15	Name: _uetvid Value: 62b915107df211eeafb807df1e85d156
.vindicosuite.com/	1970-01-21 01:39:39	Name: cug Value: rkQ0Gdv6b-cL9D
.vindicosuite.com/	1970-01-21 01:39:39	Name: ct Value: 1699419048
.doubleclick.net/	1970-01-21 01:25:15	Name: IDE Value: AHWqTUmkj-_pvUrqE9btS6gTuQ8eixX2P6eJXdPuQVxS0NpayW3z5d2JhdOGf6yT2rI
.bing.com/	1970-01-21 01:25:15	Name: MUID Value: 35C6FF78182D62C01D4AECBB19FF63F7
.yahoo.com/	1970-01-21 00:49:36	Name: A3 Value: d=AQABBKgTS2UCECyrziKTxml9f2P65p-JKJsFEgEBAQFlTGVUZeAKyiMA_eMAAA&S=AQAAAstVWHnOWYdrrBL-Syzr-fU
.analytics.yahoo.com/	1970-01-21 00:49:15	Name: IDSYNC Value: 19cu~2exg
.rfihub.com/	1970-01-21 01:25:15	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjA3NjUyNLS0NBHiM9QNcdR1tHTKTM_QjSgDAJ2PBYwlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjA3NjUyNLS0NBHiM9QNcdR1tHTKTM_QjSgDAJ2PBYwlAAAA
.adnxs.com/	1970-01-20 18:13:15	Name: uuid2 Value: 8956252710106427776
.getrockerbox.com/	1970-01-20 16:46:51	Name: uuid Value: rbos-ad0218ef-e588-490a-a630-2c65142b6db2
.salvationarmy.org/	1970-01-20 16:46:51	Name: rbuid Value: rbos-ad0218ef-e588-490a-a630-2c65142b6db2
.media.net/	1970-01-21 00:49:15	Name: visitor-id Value: 3424206485428429000V10
.media.net/	1970-01-21 00:47:48	Name: data-rk Value: 5141210828001828802~~3
.casalemedia.com/	1970-01-20 18:13:15	Name: CMPS Value: 5149
.casalemedia.com/	1970-01-21 00:49:15	Name: CMID Value: ZUsTqKZhpHKLR8N2Zi5yugAA
.casalemedia.com/	1970-01-20 18:13:15	Name: CMPRO Value: 5149
.eyeota.net/	1970-01-20 16:03:39	Name: SERVERID Value: 20151~DM
.krxd.net/	1970-01-20 20:22:51	Name: _kuid_ Value: P5yeZXYt
.lightboxcdn.com/	1969-12-31 23:59:59	Name: _cfuvid Value: HU9I14onWAqYggJPMHf928_gOYTMCYTDg3QwlZOw7xc-1699419049089-0-604800000
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129TMsNkgLKa908TPM97csyQhyDy8pKF7FKBAVWhxS6AgE3mWFVeV-Zk0s5ibJluamqWkpuilmBia6JgaJRrpJFhaGupbmJqaJyUAxIMPK0MzS0sTQEsjRMzQxMjWyNAUAFiD4aGsAAAA
.adnxs.com/	1970-01-20 18:13:15	Name: anj Value: dTM7k!M40<DYRWSF']wIg2E?^lq6lL!fsuh(w@sroE>z'oYxM24uE^p`8=l$3O4rM4/UEJ4dInuM-J0!$rQt-Rbl)9?Lx=$XzE42Rc5R1@enEnF0xmvY-.y3Ny^dpQwj1-Mq<M=UK(>.?R+$ZR!uJ3!<4M!0nf8M
.rezync.com/	1970-01-20 20:22:51	Name: zync-uuid Value: ab658341-b82f-42e3-83ba-99c3bb79d0f8:1699419049.1415327
live.rezync.com/	1970-01-20 20:22:51	Name: sd-session-id Value: .eJwNy0EOgyAQQNG7zFoahmGE4TIGdExIq23Ebmq8e1n-5P0Lpo8eW951PyGdx1cHmF-1V4N0Qau_TZ-QgNFGZglkA7FDFPFwD9C0tfrep7p0k8vIkTyaEt1qvFMykUo2IjOVEmSxa0w49hXFenmgRyYX4P4DsIwlrA.ZUsTqQ.motDNRDRWoUDZ-8XnNwSGNbrcrI
give-usw.salvationarmy.org/	1970-01-21 01:39:39	Name: connect.sid Value: s%3AXoY95_xN1Mjn6vWNryyBf4uIpCcphbX4.w%2F29AD74RYY%2FPnDckkkLE9TuuaR37IxXciKQAx0XyEI
.give-usw.salvationarmy.org/	1970-01-20 16:03:40	Name: __cf_bm Value: OaGVH7UZqdIwyv93ix77IHT0y5wnw37EGjVRixdqj3A-1699419049-0-AQFbWukLcyoxXvEk7xYEn1MDhBKYRsspCgEj4pHf7yiz+6gr4W4DTA3Vmh+y6lg1otKjZeVjG0hH5SDrFtJu/yE=
.give-usw.salvationarmy.org/	1969-12-31 23:59:59	Name: __cfruid Value: 3fb4de12bb1ae33d7d7cdf20847ae3554cd5a6de-1699419049
.give-usw.salvationarmy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: Ga5_v7wDH8XR.DUM03HTLIcmPXFrCGMpUvtWgDfpJlU-1699419049434-0-604800000
.rfihub.com/	1970-01-21 01:25:15	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129TMsNkgLKa908TPM97csyQhyDy8pKA7iNTSztDQxtDQwsbA0NJ_FiMS3MDDbhMbfhcY_hcZ_hcb_hcafxITKX4TGX4XG34TG34WungWVfwuNv4hVICq0OKTQEQi8ywqryv3MVrEie9nYcBMrqpZLSHxLE2OjV2j8VWyo_ENo_Eto_Fto_Efo8uyo_CYOVP4ublT3HeJGlZ8kbG6SbGlumpqWoptiZmCia2KQaKSbZGFhqGtpbmKamAwUAzKsEJr0DE2MTI0sTWcJI5lkZGy4CJVv9EgYLXKFUW0GACoEeYJaAgAA
.demdex.net/	1970-01-20 20:22:51	Name: dextp Value: 470-1-1699419048437\|1175-1-1699419048540\|3462-1-1699419048662\|30646-1-1699419048765\|49276-1-1699419048866\|144230-1-1699419048967\|144231-1-1699419049068\|144232-1-1699419049172\|144233-1-1699419049274\|144234-1-1699419049405\|144235-1-1699419049507\|144236-1-1699419049610\|144237-1-1699419049711
.api.lightboxcdn.com/	1970-01-20 16:03:42	Name: TiPMix Value: 13.049666196298382
.api.lightboxcdn.com/	1970-01-20 16:03:42	Name: x-ms-routing-name Value: self
.salvationarmy.org/	1969-12-31 23:59:59	Name: s_ppvl Value: SAL%253AUSW%2520%257C%2520homepage%2C20%2C20%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.salvationarmy.org/	1969-12-31 23:59:59	Name: s_ppv Value: SAL%253AUSW%2520%257C%2520homepage%2C20%2C20%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.salvationarmy.org/	1969-12-31 23:59:59	Name: s_ptc Value: 1.06%5E%5E0.06%5E%5E0.00%5E%5E0.20%5E%5E0.10%5E%5E0.10%5E%5E3.72%5E%5E0.01%5E%5E5.16
.salvationarmy.org/	1970-01-21 01:39:39	Name: xdibx Value: N4Ig-mBGAeDGCuAnRIBcoAOGAuBnNAjAGwCcJALASQAwCsBATMQDQgYBusAdtmg67nypiZSjXIkAHE1Ydc3Xqn4hESADZoQAC2zYMuVAHpDAdwCmubGcRd4uAIYA6B2vb3sASwD2Xe4gC2AJ6OXogA5oYgrGrqmoZhHuxmhrTURLQMDIYAxACEhgAmPu7eXIawWmawANZe8NgA.Pb-dTwAvATU1ABkiFVIiB5cYW09GH24ZtgEbaljE1MMbQyp3eMWUwDMHV1rC9jksz2wYLiIsG0A6maQuB5WAKoAypfdJ2ewSwAKg.5-gQARYpWABC9WwPm6ZhG2FUZihYQwbSKCIAZvYOlEQGo8IRSBQqHRGMQAL6sCAwdbsNCgAr2QJCADaIgJ4ik9AAumTwFBoGYkjwhMBuRS4B4CpoSPZaPYmAwAOwAWgK5Fg5EV5AKJCIipItFokkVsH1kHI9iIm3SkkgipZYmoEk28oYIBJQA___
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: a20fe23c10d51499
give-usw.salvationarmy.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: MiefJU8s-D25IbzveS1v5GO4ghB8NquKHYnk
.salvationarmy.org/	1970-01-21 00:49:15	Name: __insp_wid Value: 1812038516
.salvationarmy.org/	1970-01-21 00:49:15	Name: __insp_slim Value: 1699419051526
.salvationarmy.org/	1970-01-21 00:49:15	Name: __insp_nv Value: true
.salvationarmy.org/	1970-01-21 00:49:15	Name: __insp_targlpu Value: aHR0cHM6Ly93ZXN0ZXJudXNhLnNhbHZhdGlvbmFybXkub3JnLw%3D%3D
.salvationarmy.org/	1970-01-21 00:49:15	Name: __insp_targlpt Value: VGhlIFNhbHZhdGlvbiBBcm15IFdlc3Rlcm4gVGVycml0b3J5
give-usw.salvationarmy.org/	1970-01-20 16:03:39	Name: XSRF-TOKEN Value: eyJpdiI6ImlwQ2ZsRGUzV0hveWZKUWlHd3JvMnc9PSIsInZhbHVlIjoiYTZzeVRnR0ZnVU9tVzh0TVpQKytJbXBhTVpTRkorUTRvK1JjUGlQWmdZOWtvTG1TTGJxZFJsblF4R2laNHNlcTh1ZHVkMTFyb0dNcFhxZnhZK2JJc2lSSjZyUkt5RmlUaUpxSFdlNXh4ZU4yV0lLaFlwOWZWWm14S1dYdHYvT0UiLCJtYWMiOiI4NGYzNmQwZjBlODMxYTE5ZWUwNTAyYzQwMTI5Nzc0YjRmZTMwMzVjOWRmZWExZjA2MTk0MDc2OGZmZTA1YjYwIiwidGFnIjoiIn0%3D
give-usw.salvationarmy.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6ImczOWF0S055QWlOYUw2a0IzWEhjMlE9PSIsInZhbHVlIjoiNmY5dGVFbXN4bE9uZU1TVFVHU0pkYm42OWpjLzlJTE42bHVURWVUenBzVDhDZ2xVZ3RJam44QWNIRkQxbm9QUTZCME5WWjFHcS9OVUtYR2tBeHRFdklkUkxnbG1FcmZrZUIyaDEwYjlhL1I4QTZwYTlqNUhub2lsT3UycjlaTHUiLCJtYWMiOiI4ZWE1YzVmOWMyYTFmZTg1OWIzOTYxYzUxNWI2ZjcwNjI2NmY0NTIxNDJhYzU4ZDJkYjQ3YzU5MjQ4OTRhYmFiIiwidGFnIjoiIn0%3D
.salvationarmy.org/	1970-01-21 00:49:15	Name: __insp_norec_sess Value: true
.google.com/	1970-01-20 20:27:10	Name: NID Value: 511=erK-H8i3hm0zE883uuhPzF0fj-V8Msm6R6sPi5bK3wuguzFfo8CIlMg9OxEhyyteyGVxFTQxleEh8ud6QOW0iGrWrq9otBza5d8bgT-aDhZGgx5lTbLu8IKIG81kVgPU38j0MRzz7BEIpNbF990DCwTgRjgpbybhugYMcxc0hA8
m.stripe.com/	1970-01-21 01:39:39	Name: m Value: 576a86b7-fdd3-4d95-8d21-550f1d7b43359bd2a8
.give-usw.salvationarmy.org/	1970-01-21 00:49:15	Name: __stripe_mid Value: 1d825311-192f-4d5f-b2d2-6a72342c691044810a
.give-usw.salvationarmy.org/	1970-01-20 16:03:40	Name: __stripe_sid Value: c09c5489-d3d6-40a7-bbe8-dea7032bf879a18284

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5108559730735211994 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5141210828001828802 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=7e693bfe-001d-445d-a2b3-ba3a799fcabc%3A1699419048.9338665&_=1699419048.9367824 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=4f874ded-8ca1-4ba8-b28c-8340d83c9a29%3A1699419049.0743155&_=1699419049.0769165 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=ab658341-b82f-42e3-83ba-99c3bb79d0f8%3A1699419049.1415327&_=1699419049.1444614 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=4c975efd-d604-40a2-b881-9745ac604974%3A1699419049.1425295&_=1699419049.1462352 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZUsTqAAAAKvqzwN6&img=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://westernusa.salvationarmy.org/(Line 474) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://files.doublethedonation.com/fontello/css/fontello.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.lightboxcdn.com/vendor/c3d666a9-b5be-4e2c-ac9c-bb409386e267/user.js?cb=638344662774748477(Line 159) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://api-iam.intercom.io/messenger/web/ping Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10359058.fls.doubleclick.net
20682257p.rfihub.com
20682259p.rfihub.com
8879652.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
adservice.google.com
adservice.google.de
alb.reddit.com
api-iam.intercom.io
api.lightboxcdn.com
bam-cell.nr-data.net
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
bttrack.com
c1.rfihub.net
cache.vindicosuite.com
cdn.inspectlet.com
cdn.jsdelivr.net
cdn.plaid.com
cdn.rawgit.com
cdn.transcend.io
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
code.jquery.com
collect.tealiumiq.com
connect.facebook.net
contextual.media.net
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
files.doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
getrockerbox.com
give-usw.salvationarmy.org
googleads.g.doubleclick.net
hn.inspectlet.com
htp.tokenex.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js-agent.newrelic.com
js.intercomcdn.com
js.stripe.com
live.rezync.com
m.stripe.com
m.stripe.network
maps.googleapis.com
merchant-ui-api.stripe.com
mpp.vindicosuite.com
p.rfihub.com
p.typekit.net
partners.tremorhub.com
pay.classy.org
pay.google.com
pixel.rubiconproject.com
pixel.sitescout.com
play.google.com
prod-frs.content.classy.org
ps.eyeota.net
pt.ispot.tv
q.stripe.com
r.stripe.com
region1.google-analytics.com
s.ytimg.com
s3-us-west-1.amazonaws.com
s3.amazonaws.com
s3.lightboxcdn.com
sc-static.net
sdk.classy.org
secure-ds.serving-sys.com
secure.adnxs.com
static.cloudflareinsights.com
static.salvationarmy.org
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
tags.tiqcdn.com
thesalvationarmy.demdex.net
thesalvationarmy.sc.omtrdc.net
thesalvationarmy.tt.omtrdc.net
tr.snapchat.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
usw.salvationarmy.org
visitor-service-eu-central-1.tealiumiq.com
westernusa.salvationarmy.org
widget.intercom.io
widgets.guidestar.org
www.classy.org
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.lightboxcdn.com
www.redditstatic.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
sync.search.spotxchange.com
13.224.189.49
13.32.121.38
13.32.27.113
142.250.185.102
142.250.185.162
143.204.207.250
151.101.194.132
151.101.194.137
151.101.2.49
151.101.64.176
162.247.241.2
172.64.109.3
172.64.151.101
172.67.23.169
18.184.216.10
18.197.205.175
18.66.147.3
185.89.210.180
192.132.33.68
193.0.160.130
193.108.153.28
198.47.127.205
20.40.202.0
2001:4860:4802:34::36
2001:678:cb4:bbbb::13
23.212.212.65
2400:52e0:1e00::1080:1
2600:1f18:612b:4280:43c0:214f:6eb7:4a47
2600:9000:214f:ba00:1:76cf:fe80:93a1
2600:9000:21f3:c600:7:2bfb:7c00:93a1
2600:9000:2250:1a00:2:8531:afc0:93a1
2600:9000:2646:3c00:11:c186:a480:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:38f5
2606:4700::6810:3865
2606:4700::6810:5514
2606:4700::6810:7daf
2606:4700::6811:190e
2606:4700::6812:7c49
2606:4700::6812:c55f
2606:4700::6813:d483
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:c11::200
2a00:1450:4001:800::2004
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c00::5c
2a00:1450:400c:c06::9d
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:1490
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::396
2a04:4e42:200::649
2a04:4e42:400::396
3.124.24.218
3.234.103.103
3.67.182.127
3.75.62.37
3.94.174.107
34.252.33.233
34.254.109.178
34.98.64.218
35.156.144.148
35.156.25.133
35.186.236.204
35.190.43.134
35.244.174.68
44.216.205.237
44.228.215.240
52.143.247.24
52.210.47.152
52.217.200.24
52.219.117.120
52.30.58.64
54.187.159.182
63.140.62.135
63.32.86.161
65.126.242.58
66.235.152.152
69.173.144.139
69.192.160.219
93.184.220.12
95.101.148.20
98.98.134.243
00f7898216fc98f62a6dec0077f7d46045d02a056e7f58675cb62b363a5d14dd
021096b48b7c0d34e117329d008bd99361df68ed12264f1408159b5e60f4a2a9
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
0524593c51d313589e0e8e8a8b069c1c7ecc5dc94a2c59dd2809b0e326d407f8
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0674837a4ce811b14767caa92af09b8e7f6397a465469564b949c21144c5ac99
079e0e4cf169158ef6810dd9672772aef3c4c5a512bd640efb85d0c8b907a288
07e33be4b2ec422e4cf8ca2b6ace4bac90628502b63b34b5e2dca818474b0134
08a8dc04d52d1fd9de2930cc9c6e39f994eddcd039de193078b602670f5ac914
0b7bcf91c1c993db793e2e82f8d73e7daaaffc4659a8d067c680df4d7128ad09
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0d3880a6706d9a9e6ae9f9370eabaadeda460174fbf2385ed316681d1103ff56
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
0de2cb4c9ce1677fba9438fca34d6b47936aed59f13069495765343e859578cc
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0edf8bc8c6df3c99cc8b025fe674ca0cf1f515459ea160d4a39942bb80988f48
123eb46d6960fadb1aaa8c3511625cb01ca6f9353ae0c38bc9b565da4eb4e241
1442bd1e775db156e5e8dfdac18d3363e323fe5dcaa648224124fb898b97b441
171fda7da00357598dfcf15a5df20cb295b20f0af64c42703d624209c2c1ccaa
188b23f9668ddaf7cdc2fb113094d87bc2584dfa5aa7542cc51393275e064d10
18956d2f9cb5d2e24a34b58e390cd121dfb8d650507a1d1ca30d5ad5e3bb9be9
18ee1b868ddc68c914411437b515c36fbcc913dee5699e6e70df814535c71a8d
19be89c7c105ee087cc3154a43bfa3c2840d1c0ea42e2c58e392bffc24425f8e
1aa4b813063702203bd07d9566b1c5543042636fd8a758ff742e5bbc963fda02
1ac3fcec85cc7b4ab9dc0829a5913ca7a9fe49e01af24eaa2891ffa44dbec8a9
1b23692ff9286f5f4a12214c2402dec9f9434f29de1d021dc4b249090679e014
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a
1e0228e3f3eb115d604f65a68c9a1d4747e3877ecddd2b226dbeff45d50a9df1
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
20ef4da1f52e644b33db950ccecc1b6bf03458916dcaaed3ace197a2a4f46838
22360bb141f93d04a5d3c3986a018f87af44e19f72c08fbd5e4b1da299b2d512
248848734588e21d4eac1aa54cd2e31e38bc26f815802c278e6f74f28b787099
24c09042d38007583f245edda78430a55890238c7a527bba2b41a323a1c56d68
254a4f72d93d5ee58581a41bf216a4fa457e8d4f7ba157c259f5b0065c8919c5
26494c945e5b218b61d98e8be7fc6a3b4b04916f7fc03521187c418b998f9373
2665ff8dd613b62af6d60c79e90069e3739b39e050f953fac88e46183d51d747
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb
27cb055606a1039a02b7a5334686a76d691dc1997580e215e4c8929ff33aae26
28a46f75b9684b301f06d10582ad244fe336bc586286724241dac283074fe690
292da5515b8830e29cf8d4beececd8f700a15e92e5e1d087def6372f45a3d67d
29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c
2a02765403bb00511514639acf3fc312816ee544d8f8b28c03e4e34fac95976c
2aa4afc11c9d7a606d9d9697bf302736df839525aa7a74cf7456d0eb777d0920
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
2d1dc6d31d3bfe7507bcf6e40aa02103cbc587432ca113d009422a770d2ac52f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fa548ebf3453e814764cb66bd6241abb3ef1c1112b7956eedbd8ce910dfdbac
2fc35a13f316643ea2f2403e13dc177769384419662da0c9ac8d6f3eac0590c9
339ce996239e7c571e51f417398571602561e3d6bf66c59e1df61f085490b419
33aacb4c657b463cbe3a15e901f19f342a6be6651967ddaed9fda33f545887f0
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
35c2f50cee657248e47baabb3d7fff387ff4297b53e7bf3f540a646efdf4a423
381dd9f0b8905762f8fc0865cb6f71ec25be856d9d1ec7910ebe65f56867240e
38a2ed6ef60ea7adec370944bb5d5fb1a60a18caa0366facd4626bf7b8eabfd9
38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458
38fb913bc8a440947a0a4605ceac8b470899ade135151adefe63efa150810ea8
3967ffc4083b74f59614f7fb3d5299750b0a44797927300a16f175a6f0e0d8f8
39c658ef377f9ec31442c5343a15bdfc4c4653bcca74bc7d6fe4b3e736a60aa4
3b34b22f7f831bdb5f04016c22b0496679e7ffd46d4d933a21be82a99da508a0
3b9eb80d3e02ce8d104e056af645a8d21325f0341d8301e595c77d1fc29098a1
3c676aa290eb2aef73ea35f685776a4eda3dbba755b2a3199d191cd63fc6da89
3c7e7cd5105ab592d163c34d6ace415c2a3e195c335c47889924e30c282481d3
3d91d7fd9c0611ab9052a2124103f31709e6ac6609b159669d315c5f0fe16604
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
402740c5977179721a0bf80ccfcd95a3def72f6fb8300803ced180d882eccf6b
43f5092a8a186c1c7ef5e43b54eb247eab4ce9e036ffcc52cc29f7de5aee0fd9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4464d35be8540eee45ade3178b2fb356622714b75758fb54a6ee24af5d61a12b
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
478d1c430fa13d83b8c0e185a858fa1bbc1e6d0d6f1fbca630e6ba5ca644980f
49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9766155e2c0481e769a4befe3ad2e744d746e428d3f26833d2afa0a8c76c61
4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13
4d68d71ad1d6d3e54e3256e40ababfb5b6fb1d02f59b7f8d699c0b5b94efb133
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0c68360d5ab8d107772cb7325915a43aae6eef2b35eb6edc7a1bac92f2ca24
4e8d47f2d51e5c15ed54e8237f827005d675eec474216e7931e534c78ff30158
4f2986c6fe2bc819d950e5f2533348501627f1b582b87fd03103c54660710abd
4f48b18eba5c5ec4fb95b04ea9c52b17cbc28b88c059f3df1ecbfb65518368e5
5013720a1091644b368a9265d4c42b174b4536b40bf423f95ffc38f8ad1fe1a9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
508711b5c60e214eb735c2edb80c947b9818109388c4e987ebe4f39048c50b73
50fe4c2baefa596d52d812e357b06e89f7d1024abb99f312afa4e1b1da57eec2
51864fe340507c4ba2adac9014f53d4ad5d0df17a9127a898c9ed6f1c1d1f3ef
53571fa31734f289b8f3e225856451f4381c65b626a089a445ed0c946050e1cd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58d83726e6b43d3d9ad01849b069e230e1c5194f54de4d2b1039e1aea2d9b101
5909a4574982bcb076962653c274751f84107e989f4bc18836e7766e5f63d858
5949d5ddcab8ece573a3a4c68ac3ff466840a68fcacf2aebb35059e7f837ad3f
5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a
5b41fb472cf4193e4954709108b884e125d14c8baa56bc0cf6b61fcc46ec0469
5c1a55c2c49c4f583f2c1e0db000f7cfd9c4b916ba0d862469a11c6c932ff403
5d51b326d2d511aa9e6c693da628be438fcd3ec1dd6a6660e65e9c17b6dd1974
5d554121551df68e414c85920b6541d2e92251a189ff19a4b1f8dffe97ce1cb5
5d7dbdae54dc88eedae69f8f764477fc280b5acb374428305d0d7616169a5518
5e30cc830df87c1c7ac1ee161b8a09fc0237308b1dca66a3644064bd56d0f931
5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb
60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5
60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62c0b464ebdeb53edb3532fcc46463a15f813a8b0f90291674d06aa3974d3433
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
647722dd9a79ca1027ab5c91a471e7b87a3a09d403d71cddfb4dd04c3afab6b2
65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf
66735e6c28d7239fd36d897a7de435a6eb6995fceeb58a9f372287e92fa8f8a2
66739acaaa4a97f905fa0dbc1f9c79ae864e74f800856ae12b3988debfa986fd
67296cd59935f73c50eb68ad73d75715c3429cafc055d5667fdf794be4e52bf2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6599c82298b91c760db8c7811d40b1126a6fe58370387e0b7e89e57aab94c8
6d1e5637fff40ffd5944949829c765669ef9f8548b9a71e7b3836bc14a24dc19
6fd2bbbe703a720831da7aad3a4d8ec8b931bcc7ed8517f62d5a72e7b02e68c8
70a0b250d3a5b19ebcc1331289848515d9368fc58f2ddb138b388a1f7790c176
71f0b0080c3113ba45c76028d2d953598f06e2bb8e9b26cbeaed5ba22a828892
74c429a7c2089c98a0fb60009f59018e1fef3c4956309bd2b5d48c2307798133
76164d9d399c8baca4656cd791982fdbd043413f39cf1a56c2d36c12ceb0b7b2
7a003c39315be3354ad28c1b73eeb796128241c3fc9690643e5439ed644f28d0
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f00cb292b7fe18ed5cdf18124a58d7d784c765a26cd909371a009853105ba7a
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
7f4dabfbe1019695714fdd06f0a97fa23fcd2b0e33fac3a228ee7a2fb2628706
7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b
80372e17ea5ace0dcec3798f9ad4efd5424ba33853fd0a7d9f1498899bbe6f60
8072603eaec40a877ab1c121d28025c849b18be2ba218ef3470d7ddfb7b829c3
8093cecf806c0f1709b935f5e4d08b7d3368994980378c25a2cbaf9bc2775956
82879e61c44184d28de17b6e3b0fe128cac726acda877c0e50010f9941a73549
82e032cbff4961d20c35a7f66c37ab4f4f10ace2cdc628ef9cdee30e912c634a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d7091a5c0a3c8ac268a247139fa6069c8d50787e68533d780b6694034a33dc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
888251d9c1d30c3ede58252f72f0f438ac145cbd40b7456689bb315eeefdb743
88e781cd1341d2c8bdce2969d4e478c9fcb1e91c54de6777ad1b38b5ed684693
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
89b2462070a1a639c693794bc1d8d9131e6eb9274fc7fb0fb854943e58940a22
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758
8d0209545bb167a0047dd2b50e5cdad0d308f651621c6ee5c62f3a9d2fd068f8
8d4d29042c23b5fcbed3af690421776de0f8ad3d308d66e24a9d80bcc8ccb522
909be32618ee045a87b529c10b6e486cc2568c419bae026ab23e2dac6c152020
90a230db7d91aa480b1cad32e3672afbd39896609475e6df9810933c6face12e
921b4f979b011f134820fab3dea70ae899e0c622554761ae8d586c8cfbea37fc
9260e54a8df9cf0e00e7745b58563943666b2a5e00a4cbba224728490668017d
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9584770b33b47a91a4a253da4943e50287f6ab1bcd3e78c6d21d4dd42a1b898f
9669a10126dc3af0dfb585a7d1f1359638262289968aa7c202ad70de3371f073
968d1ca52c4cac48c44ea38933cb5759c9b943e6a3cc0f6c06b70cb9160f05ff
96c963e7b76a4b76e1e09afbe2f36c87c3ff0971fc4ec17e2f9853e244592f72
98b24e77ba7064f3fe61b2d261f7d83e185a3d3acf701ab924ca3626dc77bfe5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99b33ba8faeb410c356891ff4284769fb8755507e308bdaec9929df3076509a2
9b0833187f27d82413754b8e8c7d0e269c559a70b38c5e868f4594ad9d381a4f
9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74
9bdeba67a5e0f64db65210a03aa5c808e21ec02a5cff47bce7611b6ade9ee9e0
9ca9d31f3f621954176f2af3955d7b2f691fde115dee35b03fdec5eb889209e6
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9ef2f1fbe14d3a5cec04c65a77ff4d80d7395ef6b8515a55d50c02f3add79a3d
9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a38eb79a61ef2cdeab1a3dbda7609f4acb515494c5aac829ac87c6ba6be1ad9c
a3b766a1b07d858d6d436cbbf83e23ba2579a0d7ffd24b9d4870ea58537243b5
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a412d8c3b7fe93e22e416fb43ee6e2e6984c973266a247e0dc825340c95f1408
a4dcb52a8e25e26359050e94bc43424d5da2eff39b81db1fc591b8ce48c129c8
a5008c4e8cacb4a9e632cb1b6ed9788a7cfa8a92b95748b82f42c47073ef737f
a57a9f18c1cd1427deb1df65b1b059636ddb7b36aa32fe394f094203feb1f99e
a61d5f5fb83673584bad5639a788ce7c9a98d47035f2c58ab06371b6755cf79e
a670bbddce87b51a2f4d8cd4daa04e96424f6a6578594ebfca22e4bf5f72a742
a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822
a6f87133addde22e68582cc543cafcd8919c242a11f6f1298ccadcefbb7a4896
a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f
a7ede4c1ce1326fe200631cb658a7c7148f8d35478a32206d633745c4ba37994
ab2f0ecefec4b6679dda1810fc08c8e1f8f930436753344f20b55928230a963b
abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c
ac815e931816f2a6d9e52792a03f2a268b5a05b8c36eeea9fd7aca58cc5d479f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af3d716fd80fdee9a734dc9a3b2593245a08929fe7b5f42884eaacc651fe6f35
af596bcd381a888903330dc462699daf8be453f01623d1c6ad8e953b3017e101
b048395cb49760452d94202c560b2744828282291de013d442e7eb2d19e98b2a
b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b292d234580e7864f202c4d8b35f5017d9eebcdd06410dd9295be2efec9fc213
b5041548590e3f4d40b75316377b09cb408463ac22bec12a49e14a8d549591b8
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
bb1ef55a922d4cd853dfb2b81ff2baef7e9b87e9def3fff6c35b7938df04659b
c299735b69072e8281758f08645f82b2ea377aeabee7a9cf13df9449cf783a38
c3c9db6ed7374c1370ecfdfa08136c663b213196f9e4d00730023f5ece9a47f2
c5f4c2668d88e214163f517c08e4ad5880ab767eb2fc03202084468042d961a6
c6f45ef695fb46cead96c90c29c020809683ba96a852fd6c1f1ec7f5199e7904
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cafeb3e6ca5b4634f622c46814d61bfa184f467eae0ddd542d9608c9c822a0aa
cc4f6e80157bacd12df4366d30ca8f0a4327ffabe9467d088a83c3990af54827
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda2e699eb4dc72e220cc7f9fa6b9ab40a2a6c2b719f7f8960ca28b0c171bfdd
d1f63a2708bfe64bb3e6194db10e06054db1deee980ed8a399092f4966afcea1
d3bbdca61b2501b9d7dfc6561dd56322e84ca70ad40182287ea594ff0bffd4d5
d5a63c34b3496224224edf1543d72f4534b4608cf5ede6dd545608fb3fdef040
d6b0d063dfaebbc19c739741e85c8a273b960240b710774c74fd1947a343f6b2
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7ebb82b539b7f52cf6ed8853052c095ee1a2bf1ed56c3cbe1a61d908438085a
daa342ae0a2e95be18d206a8358ecf73193f2a1d6455eb29ac8b2907ae9db6e0
dc0ac0c30de99242bf9dfda2fce7f397c0f25a509745b24b4543104193b492df
ddf957b1307b1e82f4408747558cea0802dd51348d188406540322e8ea5607f8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb3c0eddfb3d22d66f79e532d49c33890f0b123fde1960ae2b2bf5ede390114
df08a45bf9a8a47a2616e0504a67292b41affcc44d02e2662545fdcd111599fc
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e1405331950dd5f127c163161a51e447bd90192c4947800d08ac91eb7b014fb7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cde94c39c00b10dfbda6a4cbc82c287bbf11659736598613d4632cfd12d48f
e42ff03153816c195a3eac2bd3ced4b5b68ca89cd6203fd1639780c504d48c4c
e619244f2d6af3c8e90d271c259d35374d6d1da6d260eca352bbf18f7520d7c5
e67a243f18157308586320b8755f8f42986e5e2410971109e2bb1819b9252b94
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e973184fdfd8d34a092c8372b01b5a26eba02a08a1027bdc4faac414c93d59bc
ea8835a6b10ad3297c12e2d6253d513568255c5a1e3599d620cbb54cb0049413
eb3bbcbfec8f49c46edf60bf3fc29367a01da2451148bc7b222088fc62b39b2f
ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ee8d78f2e49631a9910a5a86985bbb4c293adff605a78def512cf6cbe38ca65c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8cfef27669c7a25e004be58c65be3389d1629d2b26555251484f191e7acab8
ef9533ded6c72ec6881bcf997bb8c469310bbb1b9b68696501a2132fc118d7af
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f312ad0ad4595ab9e612868798f90c5bff04f507781cfb9084102e0aec5e2c59
f3b5e833ec31865e6ae793a7a707eb0df6ff825cf657051b4114d7d611af36b9
f3f4e6aa9a48efcdf656b48fdd85eeb37f66ea09ed8c04569452243c4f6faafa
f59406193524126971712d57081215abc2cad6765db343400ae34ea5b92c29ce
f6db089859b0c675ed35c58939a2eafcb2084c50f9663d6ae02d4dffa36e3dd5
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
f954a10c14f96a1a9c2629b195aca4591c888fbdb2e10028e14de89efdd802df
f9f8a2c12a04d9ac4408a2e31569abedeac96e4817b3e3b25e10a80cff9fc200
fa9b0ac404e1f90eb189ad43089e1b0422b86ee30b831cafd7c560c262653d6b
faa0247cf1e425da639cc74a10afe6ee0527d633c93c9ebb4404c83f8a381ffc
fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e
fd1ee2d1e823a880ea9028dbba05f7b54501d59121684be0fa5f982459a098b7
fd647d8ae1ca393a52b8a8e06afac09b2e8221cce3c4b89a8ebff978b3725b5d
fe0d7cbb8f36aa34b4961c1767165286712df8bf371fcc8516f27d9e624f262c
fe9e08d0ed30ae4d5b847f0c2ee5748717a7f6c3e8a33047e17045433bcfc319
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ffebfddd453aec6fbf5bde03036cea682e7a9435fb2104a1e7ef789f6727cc82

westernusa.salvationarmy.org Open in urlscan Pro 3.234.103.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

412 Requests

93 %HTTPS

44 %IPv6

73 Domains

111 Subdomains

89 IPs

5 Countries

9273 kBTransfer

32505 kBSize

90 Cookies

15 Outgoing links

Page URL History

Redirected requests

412 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

westernusa.salvationarmy.org Open in urlscan Pro
3.234.103.103 Public Scan

Screenshot
Live screenshot

Full Image

412
Requests

93 %
HTTPS

44 %
IPv6

73
Domains

111
Subdomains

89
IPs

5
Countries

9273 kB
Transfer

32505 kB
Size

90
Cookies

412 HTTP transactions
16 data transactions